380 matches found
Mozilla: Cross-origin responses could be distinguished between script and non-script content-types
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: When importing resources using Web Workers, error messages would distinguish the difference between application/javascript responses and non-script responses. This could have been abused to learn...
Mozilla: Cross-origin responses could be distinguished between script and non-script content-types
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: When importing resources using Web Workers, error messages would distinguish the difference between application/javascript responses and non-script responses. This could have been abused to learn...
Debian dla-3817 : thunderbird - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3817 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3817-1 [email protected]...
SUSE CVE-2024-4769
When importing resources using Web Workers, error messages would distinguish the difference between application/javascript responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox 126, Firefox ESR 115.11, and Thunderbird...
Fedora 40 : firefox (2024-eabe68b149)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-eabe68b149 advisory. - new upstream update 126.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has n...
Fedora 39 : firefox (2024-a2c6c8afa9)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-a2c6c8afa9 advisory. - new upstream update 126.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has n...
Oracle Linux 9 : thunderbird (ELSA-2024-2888)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-2888 advisory. 115.11.0-1.0.1 - Add Oracle prefs 115.11.0-1 - Update to 115.11.0 build2 Tenable has extracted the preceding description block directly from the Oracle...
Mozilla: Cross-origin responses could be distinguished between script and non-script content-types
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: When importing resources using Web Workers, error messages would distinguish the difference between application/javascript responses and non-script responses. This could have been abused to learn...
Mozilla: Cross-origin responses could be distinguished between script and non-script content-types
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: When importing resources using Web Workers, error messages would distinguish the difference between application/javascript responses and non-script responses. This could have been abused to learn...
Mozilla: Cross-origin responses could be distinguished between script and non-script content-types
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: When importing resources using Web Workers, error messages would distinguish the difference between application/javascript responses and non-script responses. This could have been abused to learn...
Mozilla: Cross-origin responses could be distinguished between script and non-script content-types
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: When importing resources using Web Workers, error messages would distinguish the difference between application/javascript responses and non-script responses. This could have been abused to learn...
Oracle Linux 7 : firefox (ELSA-2024-2881)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-2881 advisory. 115.11.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add...
Debian dla-3815 : firefox-esr - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3815 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3815-1 [email protected]...
CentOS 7 : firefox (RHSA-2024:2881)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:2881 advisory. - A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability...
Security Vulnerabilities fixed in Thunderbird 115.11 — Mozilla
A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. If the browser.privatebrowsing.autostart preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by...
Debian dsa-5691 : firefox-esr - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5691 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5691-1 [email protected]...
CVE-2024-4769
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: When importing resources using Web Workers, error messages would distinguish the difference between application/javascript responses and non-script responses. This could have been abused to learn...
CVE-2024-4769
When importing resources using Web Workers, error messages would distinguish the difference between application/javascript responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox 126, Firefox ESR 115.11, and Thunderbird...
CVE-2024-4769
When importing resources using Web Workers, error messages would distinguish the difference between application/javascript responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox 126, Firefox ESR 115.11, and Thunderbird...
CVE-2024-4769
When importing resources using Web Workers, error messages would distinguish the difference between application/javascript responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox 126, Firefox ESR 115.11, and Thunderbird...