6 matches found
CVE-2026-34773
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.1, and 41.0.0, on Windows, app.setAsDefaultProtocolClientprotocol did not validate the protocol name before writing to the registry. Apps that pass...
Important: firefox
Issue Overview: Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100. CVE-2022-29912 In resizeToAtLeast of SkRegion.cpp, there is a possible out of bounds write due to an...
firefox: Clickjacking the registerProtocolHandler info-bar Reporter
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A web page could trick a user into setting that site as the default handler for a custom URL protocol...
firefox: Clickjacking the registerProtocolHandler info-bar Reporter
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A web page could trick a user into setting that site as the default handler for a custom URL protocol...
firefox: Clickjacking the registerProtocolHandler info-bar Reporter
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A web page could trick a user into setting that site as the default handler for a custom URL protocol...
UBUNTU-CVE-2025-1935
A web page could trick a user into setting that site as the default handler for a custom URL protocol. This vulnerability was fixed in Firefox 136, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...