13 matches found
SUSE CVE-2025-68616
WeasyPrint helps web developers to create PDF documents. Prior to version 68.0, a server-side request forgery SSRF protection bypass exists in WeasyPrint's defaulturlfetcher. The vulnerability allows attackers to access internal network resources such as localhost services or cloud metadata...
WeasyPrint code-related vulnerabilities
WeasyPrint is an intelligent solution developed by Kozea. It helps web developers create PDF files. Versions of WeasyPrint prior to 68.0 contained code vulnerabilities. These vulnerabilities stemmed from a protection mechanism in the defaulturlfetcher that allowed server-side request forgery...
PT-2026-3446
Name of the Vulnerable Software and Affected Versions WeasyPrint versions prior to 68.0 Description WeasyPrint is a tool used by web developers to generate PDF documents. A server-side request forgery SSRF protection bypass exists in WeasyPrint’s default url fetcher for versions prior to 68.0. Th...
Mozilla Firefox and Mozilla Firefox ESR Memory Misreference Vulnerability (CNVD-2020-02150)
Mozilla Firefox and Mozilla Firefox ESR are both products of the Mozilla Foundation in the U.S. Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser. A security vulnerability exists in Mozilla Firefox version 71 and Mozilla Firefo...
Mozilla Firefox and Mozilla Firefox ESR Resource Management Error Vulnerability (CNVD-2019-38063)
Mozilla Firefox and Mozilla Firefox ESR are both products of the Mozilla Foundation in the U.S. Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser. A resource management error vulnerability exists in Mozilla Firefox version 69 a...
cPanel cross-site scripting vulnerability (CNVD-2019-29012)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A cross-site scripting vulnerability exists in WHM Account Transfer in versions prior to cPanel 68.0.27. The vulnerability stems...
Mozilla Firefox Input Validation Error Vulnerability (CNVD-2019-29577)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox prior to version 68. A remote attacker could exploit the vulnerability to bypass secure browsing protections...
Mozilla Firefox Trust Management Issues Vulnerability
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox prior to version 68. A remote attacker could exploit the vulnerability to bypass security restrictions...
Mozilla Firefox Privilege Access Control Issue Vulnerability
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox prior to version 68. A remote attacker could exploit the vulnerability to bypass security restrictions...
Mozilla Firefox Information Disclosure Vulnerability (CNVD-2019-29575)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox prior to version 68. An attacker could exploit the vulnerability to obtain sensitive information...
UBUNTU-CVE-2018-17460
Insufficient data validation in filesystem URIs in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted domain name...
UBUNTU-CVE-2018-6179
Insufficient enforcement of file access permission in the activeTab case in Extensions in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a crafted Chrome Extension...
chromium-browser: CORS bypass in Blink
Information leak in media engine in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...