3797 matches found
PT-2023-31258 · Quay · Quay
Name of the Vulnerable Software and Affected Versions: Quay (affected versions not specified). Description: A flaw was found in Quay, where clickjacking allows an attacker to trick a user into clicking on a button or link on another page. The config-editor page is vulnerable to clickjacking, which...
CVE-2023-4956
A flaw was found in Quay. Clickjacking is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they intend to click on the top-level page. During the pentest, it has been detected that the config-editor page is vulnerab...
Red Hat Quay Security Vulnerability
Red Hat Quay is a distributed container image repository from Red Hat, Inc. that is used to build, distribute and deploy containers. Red Hat Quay suffers from a security vulnerability that stems from the vulnerability of config-editor pages to clickjacking attacks. An attacker can exploit this...
CVE-2023-4958
In Red Hat Advanced Cluster Security (RHACS), it was found that some security-related HTTP headers were missing, allowing an attacker to exploit this with a clickjacking attack. An attacker could exploit this by convincing a valid RHACS user to visit an attacker-controlled web page, that deceptivel...
pixiv: clickjacking can lead to account takeover
An endpoint on the website https://sketch.pixiv.net/draw was discovered to be vulnerable to clickjacking. Proof-of-concept code was provided to demonstrate how a user could be tricked into performing unintended actions on the website...
RLSA-2023:4499 Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Security Fixes: Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions (CVE-2023-4045); Mozilla: Incorrect value used during WASM compilation (CVE-2023-4046); Mozilla:...
firefox security update
An update is available for firefox. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Mozilla Firefox is an open-source web browser, designed for standards...
thunderbird security update
An update is available for thunderbird. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Mozilla Thunderbird is a standalone mail and newsgroup client. This updat...
RLSA-2023:4468 Important: firefox security update
TODO: add package description. This update upgrades Firefox to version 102.14.0 ESR. Security Fixes: Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions (CVE-2023-4045); Mozilla: Incorrect value used during WASM compilation (CVE-2023-4046); Mozilla: Potential permissions request bypa...
SUSE-SU-2023:3228-1 Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Update Mozilla Thunderbird 115.1.0 (bsc#1213746): - CVE-2023-4045: Fixed cross-origin restrictions bypass with Offscreen Canvas (bmo#1833876). - CVE-2023-4046: Fixed incorrect value used during WASM compilation (bmo#1837686). - CVE-2023-4047:...
Mozilla: Potential permissions request bypass via clickjacking
The Mozilla Foundation Security Advisory describes this flaw as: A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update ...
Mozilla: Potential permissions request bypass via clickjacking
The Mozilla Foundation Security Advisory describes this flaw as: A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fr...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fr...
Mozilla: Potential permissions request bypass via clickjacking
The Mozilla Foundation Security Advisory describes this flaw as: A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions...
Mozilla: Potential permissions request bypass via clickjacking
The Mozilla Foundation Security Advisory describes this flaw as: A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions...
Mozilla: Potential permissions request bypass via clickjacking
The Mozilla Foundation Security Advisory describes this flaw as: A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions...
Mozilla: Potential permissions request bypass via clickjacking
The Mozilla Foundation Security Advisory describes this flaw as: A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...