GHSA-P7V2-P9M8-QQG7 Electron context isolation bypass via nested unserializable return value

Impact Apps using contextIsolation and contextBridge are affected. This is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions. Workarounds This issue is exploitable under eithe...

CVE-2022-20526

In CanvasContext::draw of CanvasContext.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:...

PT-2022-14740 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to a missing bounds check in the CanvasContext::draw function of CanvasContext.cpp, which can lead to a possible out of bounds write. This could result in local escalation of...

Mozilla Foundation Security Advisory 2010-43

Mozilla Foundation Security Advisory 2010-43 Title: Same-origin bypass using canvas context Impact: High Announced: July 20, 2010 Reporter: Vladimir Vukicevic Products: Firefox, Thunderbird Fixed in: Firefox 3.6.7 Thunderbird 3.1.1 Description Mozilla developer Vladimir Vukicevic reported that a...

Mozilla Same-origin bypass using canvas context

Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 do not properly implement read restrictions for CANVAS elements, which allows remote attackers to obtain sensitive cross-origin information via vectors involving reference retention and node deletion...

Same-origin bypass using canvas context — Mozilla

Mozilla developer Vladimir Vukicevic reported that a canvas element can be used to read data from another site, violating the same-origin policy. The read restriction placed on a canvas element which has had cross-origin data rendered into it can be bypassed by retaining a reference to the canvas...