29 matches found
Astra Linux – Vulnerability in Firefox, Thunderbird
When injecting an HTML base element, some requests will ignore the CSP’s base-uri settings and instead accept the base-uri setting of the injected element. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and Firefox 105...
Important: firefox
Issue Overview: Integer overflow vulnerability in avtimecodemakestring in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause a denial of service DoS via crafted .mov file. CVE-2021-28429 A vulnerability was found in expat. With this flaw, it is possible to create a...
SUSE CVE-2022-40956
When injecting an HTML base element, some requests would ignore the CSP's base-uri settings and accept the injected element's base instead. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and Firefox 105...
CVE-2022-40956
When injecting an HTML base element, some requests would ignore the CSP's base-uri settings and accept the injected element's base instead. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and Firefox 105...
DEBIAN-CVE-2022-40956
When injecting an HTML base element, some requests would ignore the CSP's base-uri settings and accept the injected element's base instead. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and Firefox 105...
Ubuntu 18.04 LTS / 20.04 LTS : Firefox vulnerabilities (USN-5649-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5649-1 advisory. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could...
UBUNTU-CVE-2022-40956
When injecting an HTML base element, some requests would ignore the CSP's base-uri settings and accept the injected element's base instead. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and Firefox 105...
CVE-2022-40956
When injecting an HTML base element, some requests would ignore the CSP's base-uri settings and accept the injected element's base instead. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and Firefox 105...
Debian dla-3123 : thunderbird - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3123 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3123-1 [email protected]...
Oracle Linux 8 : firefox (ELSA-2022-6702)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-6702 advisory. 102.3.0-6.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 102.3.0-6 - Update to 102.3...
Mozilla: Content-Security-Policy base-uri bypass
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when injecting an HTML base element; some requests would ignore the CSP's base-uri settings and accept the injected element's base instead...
Mozilla: Content-Security-Policy base-uri bypass
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when injecting an HTML base element; some requests would ignore the CSP's base-uri settings and accept the injected element's base instead...
Mozilla: Content-Security-Policy base-uri bypass
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when injecting an HTML base element; some requests would ignore the CSP's base-uri settings and accept the injected element's base instead...
Mozilla: Content-Security-Policy base-uri bypass
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when injecting an HTML base element; some requests would ignore the CSP's base-uri settings and accept the injected element's base instead...
Mozilla: Content-Security-Policy base-uri bypass
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when injecting an HTML base element; some requests would ignore the CSP's base-uri settings and accept the injected element's base instead...
Mozilla: Content-Security-Policy base-uri bypass
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when injecting an HTML base element; some requests would ignore the CSP's base-uri settings and accept the injected element's base instead...
Mozilla: Content-Security-Policy base-uri bypass
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when injecting an HTML base element; some requests would ignore the CSP's base-uri settings and accept the injected element's base instead...
Mozilla: Content-Security-Policy base-uri bypass
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when injecting an HTML base element; some requests would ignore the CSP's base-uri settings and accept the injected element's base instead...
Mozilla: Content-Security-Policy base-uri bypass
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when injecting an HTML base element; some requests would ignore the CSP's base-uri settings and accept the injected element's base instead...
Mozilla: Content-Security-Policy base-uri bypass
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when injecting an HTML base element; some requests would ignore the CSP's base-uri settings and accept the injected element's base instead...