159 matches found
DEBIAN-CVE-2023-32002
The use of Module.load can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. Please note that at the time this CV...
AZL-27940 CVE-2023-32002 affecting package nodejs for versions less than 16.20.2-2
The use of Module.load can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. Please note that at the time this CV...
UBUNTU-CVE-2023-32002
The use of Module.load can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. Please note that at the time this CV...
Node.js 安全漏洞
Node.js is an open source, cross-platform JavaScript runtime environment. A security vulnerability exists in Node.js versions 16.x, 18.x, and 20.x that stems from the use of Module.load to bypass the policy mechanism when given a module outside of the policy.json definition...
SUSE CVE-2023-32002
The use of Module.load can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. Please note that at the time this CV...
DEBIAN-CVE-2023-25739
Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
CVE-2023-25739
Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
Code injection
Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
CVE-2023-25739
CVE-2023-25739 affects Firefox <110, Thunderbird <102.8, and Firefox ESR
GLSA-202305-36 : Mozilla Thunderbird: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202305-36 Mozilla Thunderbird: Multiple Vulnerabilities - matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 24.0.0 events sent with special strings in key places can temporarily...
Important: thunderbird
Issue Overview: If a MIME email combines OpenPGP and OpenPGP MIME data in a certain way Thunderbird repeatedly attempts to process and display the message, which could cause Thunderbird's user interface to lock up and no longer respond to the user's actions. An attacker could send a crafted messa...
USN-5880-2 firefox regressions
USN-5880-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Christian Holler discovered that Firefox did not properly manage memory when using PKCS 12 Safe Bag attribute...
Oracle Linux 7 : firefox (ELSA-2023-0812)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-0812 advisory. 102.8.0-2.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs....
Mozilla: Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext
The Mozilla Foundation Security Advisory describes this flaw as: Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext...
Mozilla: Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext
The Mozilla Foundation Security Advisory describes this flaw as: Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext...
Mozilla: Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext
The Mozilla Foundation Security Advisory describes this flaw as: Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext...
Mozilla: Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext
The Mozilla Foundation Security Advisory describes this flaw as: Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext...
Mozilla: Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext
The Mozilla Foundation Security Advisory describes this flaw as: Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext...
Mozilla: Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext
The Mozilla Foundation Security Advisory describes this flaw as: Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext...
Mozilla: Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext
The Mozilla Foundation Security Advisory describes this flaw as: Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext...