Lucene search
K

274 matches found

OSV
OSV
added 2025/06/26 8:45 a.m.4 views

SUSE-SU-2025:02122-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to MozillaFirefox 128.12.0 MFSA 2025-23, bsc1244670: - CVE-2025-6424: Use-after-free in FontFaceSet - CVE-2025-6425: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID - CVE-2025-6426: No warning when opening...

9.8CVSS6.6AI score0.03123EPSS
Exploits0References7
OSV
OSV
added 2025/06/24 5:1 p.m.6 views

CLSA-2025-1750784473 libsoup: Fix of 2 CVEs

CVE-2025-32911: fix use-after-free vulnerability in soupmessageheadersgetcontentdisposition function - CVE-2025-32913: fix NULL pointer dereference in soupmessageheadersgetcontentdisposition function...

9CVSS7.2AI score0.00847EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/24 2:46 p.m.12 views

CVE-2025-6430

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: When a file download is specified via the Content-Disposition header, that directive would be ignored if the file was included via a or tag, potentially making a website vulnerab...

6.1CVSS5.3AI score0.00215EPSS
Exploits0References4
NVD
NVD
added 2025/06/24 1:15 p.m.5 views

CVE-2025-6430

When a file download is specified via the Content-Disposition header, that directive would be ignored if the file was included via a embed or object tag, potentially making a website vulnerable to a cross-site scripting attack. This vulnerability was fixed in Firefox 140, Firefox ESR 128.12,...

6.1CVSS0.00215EPSS
Exploits0References7
OSV
OSV
added 2025/06/24 1:15 p.m.4 views

CVE-2025-6430

When a file download is specified via the Content-Disposition header, that directive would be ignored if the file was included via a embed or object tag, potentially making a website vulnerable to a cross-site scripting attack. This vulnerability affects Firefox 140, Firefox ESR 128.12, Thunderbi...

6.1CVSS4.9AI score
Exploits0References7
Cvelist
Cvelist
added 2025/06/24 12:28 p.m.13 views

CVE-2025-6430 Content-Disposition header ignored when a file is included in an embed or object tag

When a file download is specified via the Content-Disposition header, that directive would be ignored if the file was included via a embed or object tag, potentially making a website vulnerable to a cross-site scripting attack. This vulnerability was fixed in Firefox 140, Firefox ESR 128.12,...

0.00215EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2025/06/24 12:28 p.m.6 views

CVE-2025-6430

When a file download is specified via the Content-Disposition header, that directive would be ignored if the file was included via a embed or object tag, potentially making a website vulnerable to a cross-site scripting attack. This vulnerability was fixed in Firefox 140, Firefox ESR 128.12,...

6.1CVSS5.7AI score0.00215EPSS
Exploits0
CVE
CVE
added 2025/06/24 12:28 p.m.93 views

CVE-2025-6430

The CVE-2025-6430 entry affects Firefox and Thunderbird prior to version 140 (and ESR prior to 128.12), where the Content-Disposition header is ignored for files loaded via embed/object, creating a potential cross-site scripting risk. Connected advisories confirm this affects Firefox/Thunderbird ...

6.1CVSS6.2AI score0.00215EPSS
Exploits0References7Affected Software1
FreeBSD
FreeBSD
added 2025/06/24 12:0 a.m.6 views

firefox -- multiple vulnerabilities

[email protected] reports: Firefox could have incorrectly parsed a URL and rewritten it to the youtube.com domain when parsing the URL specified in an embed tag. This could have bypassed website security checks that restricted which domains users were allowed to embed. When a file download is...

6.5CVSS6.5AI score0.00285EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/06/17 12:8 p.m.11 views

libsoup: NULL pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in Content-Disposition header

A flaw was found in libsoup, where the soupmessageheadersgetcontentdisposition function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function...

7.5CVSS7.3AI score0.00736EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.4 views

Astra Linux – Vulnerability in libsoup3, libsoup2.4

A flaw was discovered in libsoup, where the soupmessageheadersgetcontentdisposition function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function...

7.5CVSS7.1AI score0.00736EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/06/13 12:33 a.m.19 views

Spring Framework vulnerable to a reflected file download (RFD)

Description In Spring Framework, versions 6.0.x as of 6.0.5, versions 6.1.x and 6.2.x, an application is vulnerable to a reflected file download RFD attack when it sets a “Content-Disposition” header with a non-ASCII charset, where the filename attribute is derived from user-supplied input...

6.5CVSS7.3AI score0.00533EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2025/06/12 10:15 p.m.12 views

CVE-2025-41234

Description In Spring Framework, versions 6.0.x as of 6.0.5, versions 6.1.x and 6.2.x, an application is vulnerable to a reflected file download RFD attack when it sets a “Content-Disposition” header with a non-ASCII charset, where the filename attribute is derived from user-supplied input...

6.5CVSS0.00533EPSS
Exploits0References3
OSV
OSV
added 2025/06/12 10:15 p.m.4 views

UBUNTU-CVE-2025-41234

Description In Spring Framework, versions 6.0.x as of 6.0.5, versions 6.1.x and 6.2.x, an application is vulnerable to a reflected file download RFD attack when it sets a “Content-Disposition” header with a non-ASCII charset, where the filename attribute is derived from user-supplied input...

6.5CVSS6.8AI score0.00533EPSS
Exploits0References3
CVE
CVE
added 2025/06/12 9:14 p.m.238 views

CVE-2025-41234

CVE-2025-41234 : In Spring Framework, versions 6.0.x up to 6.0.28, 6.1.x up to 6.1.20, and 6.2.x up to 6.2.7 are vulnerable to a reflected file download (RFD) attack when a response header uses non-ASCII charset in the filename derived from user input via ContentDisposition.Builder#filename(Strin...

6.5CVSS6.7AI score0.00533EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/06/12 9:14 p.m.30 views

CVE-2025-41234 RFD Attack via “Content-Disposition” Header Sourced from Request

Description In Spring Framework, versions 6.0.x as of 6.0.5, versions 6.1.x and 6.2.x, an application is vulnerable to a reflected file download RFD attack when it sets a “Content-Disposition” header with a non-ASCII charset, where the filename attribute is derived from user-supplied input...

6.5CVSS0.00533EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/06/12 12:0 a.m.7 views

PT-2025-25357

Name of the Vulnerable Software and Affected Versions Spring Framework versions 6.0.5 through 6.0.28 Spring Framework versions 6.1.0 through 6.1.20 Spring Framework versions 6.2.0 through 6.2.7 Description The issue allows remote attackers to launch Reflected File Download RFD attacks via...

6.5CVSS6.9AI score0.00533EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2025/06/06 12:0 a.m.11 views

Ruby RACK 3.1.x < 3.1.16 DoS

The version of the RACK Ruby library installed on the remote host is 3.1.x prior to 3.1.16 . It is, therefore, affected by a DoS vulnerability where an attacker can create a crafted input can cause Content-Disposition header parsing in Rack to take an unexpected amount of time, possibly resulting...

8.7CVSS7AI score0.00483EPSS
Exploits0References2
NVD
NVD
added 2025/06/04 11:15 p.m.18 views

CVE-2025-49007

Rack is a modular Ruby web server interface. Starting in version 3.1.0 and prior to version 3.1.16, there is a denial of service vulnerability in the Content-Disposition parsing component of Rack. This is very similar to the previous security issue CVE-2022-44571. Carefully crafted input can caus...

8.7CVSS0.00483EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 9:53 p.m.8 views

CVE-2022-36359

An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download RFD attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input...

8.8CVSS6.5AI score0.00657EPSS
Exploits0
Rows per page
Query Builder