Lucene search
+L

92 matches found

RedHat Linux
RedHat Linux
added 2024/08/13 4:48 p.m.5 views

mozilla: CSP strict-dynamic bypass using web-compatibility shims

The Mozilla Foundation Security Advisory describes this flaw as: Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element coul...

6.1CVSS7.2AI score0.00489EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/08/13 4:39 p.m.5 views

mozilla: CSP strict-dynamic bypass using web-compatibility shims

The Mozilla Foundation Security Advisory describes this flaw as: Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element coul...

6.1CVSS7.2AI score0.00489EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/08/13 4:24 p.m.3 views

mozilla: CSP strict-dynamic bypass using web-compatibility shims

The Mozilla Foundation Security Advisory describes this flaw as: Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element coul...

6.1CVSS7.2AI score0.00489EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2024/08/07 4:8 p.m.19 views

CVE-2024-7524

The Mozilla Foundation Security Advisory describes this flaw as: Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element coul...

6.1CVSS9.1AI score0.00489EPSS
Exploits0References4
NVD
NVD
added 2024/08/06 1:15 p.m.23 views

CVE-2024-7524

Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and...

6.1CVSS0.00489EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2024/08/06 1:15 p.m.21 views

CVE-2024-7524

Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and...

5.9AI score0.00489EPSS
Exploits0
OSV
OSV
added 2024/08/06 1:15 p.m.12 views

CVE-2024-7524

Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and...

6.1CVSS5.6AI score
Exploits0References4
OSV
OSV
added 2024/08/06 1:15 p.m.8 views

UBUNTU-CVE-2024-7524

Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and...

6.1CVSS5.6AI score0.00489EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2024/08/06 1:15 p.m.21 views

CVE-2024-7524

Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and...

6.1CVSS6.8AI score0.00489EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2024/08/06 12:38 p.m.15 views

CVE-2024-7524

Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and...

6.1AI score0.00489EPSS
Exploits0References4
CVE
CVE
added 2024/08/06 12:38 p.m.296 views

CVE-2024-7524

CVE-2024-7524 affects Mozilla Firefox and Firefox ESR prior to 129/115.14-128.1. The issue arises when Firefox’s web-compatibility shims, used for blocked tracking scripts by Enhanced Tracking Protection, are injected on a site protected by CSP in strict-dynamic mode. An attacker who can inject a...

6.1CVSS5.9AI score0.00489EPSS
Exploits0References4Affected Software2
Debian CVE
Debian CVE
added 2024/08/06 12:38 p.m.19 views

CVE-2024-7524

Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and...

6.1CVSS7.3AI score0.00489EPSS
Exploits0
FreeBSD
FreeBSD
added 2024/08/06 12:0 a.m.28 views

firefox -- multiple vulnerabilities

[email protected] reports: Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack...

6.6AI score
Exploits0References4
Vivaldi Security Advisories
Vivaldi Security Advisories
added 2024/05/13 9:13 p.m.19 views

Minor update (5) for Vivaldi Desktop Browser 6.7

Download Vivaldi The following improvements were made since the fourth 6.7 minor update: Chromium Upgraded 124.0.6367.219 CVE-2024-4761: NB. Chromium updates may include security enhancements or fixes, crash fixes, or website compatibility updates. Web Compatibility Auth does not work when link i...

8.8CVSS5.8AI score0.11007EPSS
Exploits2References1
NVD
NVD
added 2023/06/02 5:15 p.m.18 views

CVE-2023-25741

When dragging and dropping an image cross-origin, the image's size could potentially be leaked. This behavior was shipped in 109 and caused web compatibility problems as well as this security concern, so the behavior was disabled until further review. This vulnerability affects Firefox 110...

6.5CVSS6.2AI score0.00767EPSS
Exploits1References4
OSV
OSV
added 2023/06/02 5:15 p.m.6 views

CVE-2023-25741

When dragging and dropping an image cross-origin, the image's size could potentially be leaked. This behavior was shipped in 109 and caused web compatibility problems as well as this security concern, so the behavior was disabled until further review. This vulnerability affects Firefox 110...

6.5CVSS7AI score0.00767EPSS
Exploits1References4
Prion
Prion
added 2023/06/02 5:15 p.m.29 views

Cross site scripting

When dragging and dropping an image cross-origin, the image's size could potentially be leaked. This behavior was shipped in 109 and caused web compatibility problems as well as this security concern, so the behavior was disabled until further review. This vulnerability affects Firefox 110...

4.3CVSS6.2AI score0.00767EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2023/06/02 12:0 a.m.38 views

CVE-2023-25741

When dragging and dropping an image cross-origin, the image's size could potentially be leaked. This behavior was shipped in 109 and caused web compatibility problems as well as this security concern, so the behavior was disabled until further review. This vulnerability affects Firefox 110...

7.5AI score0.00767EPSS
Exploits1References4
CVE
CVE
added 2023/06/02 12:0 a.m.135 views

CVE-2023-25741

The CVE-2023-25741 entry concerns Firefox (

6.5CVSS6AI score0.00767EPSS
Exploits1References4Affected Software1
Debian CVE
Debian CVE
added 2023/06/02 12:0 a.m.55 views

CVE-2023-25741

When dragging and dropping an image cross-origin, the image's size could potentially be leaked. This behavior was shipped in 109 and caused web compatibility problems as well as this security concern, so the behavior was disabled until further review. This vulnerability affects Firefox 110...

6.5CVSS8.3AI score0.00767EPSS
Exploits1
Rows per page
Query Builder