56 matches found
Mozilla: Click-jacking certificate exceptions through rendering lag
The Mozilla Foundation Security Advisory describes this flaw as: The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from attacks that exploit human response time delays. If a malicious page elicited user...
Mozilla: Click-jacking certificate exceptions through rendering lag
The Mozilla Foundation Security Advisory describes this flaw as: The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from attacks that exploit human response time delays. If a malicious page elicited user...
Mozilla: Click-jacking certificate exceptions through rendering lag
The Mozilla Foundation Security Advisory describes this flaw as: The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from attacks that exploit human response time delays. If a malicious page elicited user...
Mozilla: Click-jacking certificate exceptions through rendering lag
The Mozilla Foundation Security Advisory describes this flaw as: The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from attacks that exploit human response time delays. If a malicious page elicited user...
Mozilla: Click-jacking certificate exceptions through rendering lag
The Mozilla Foundation Security Advisory describes this flaw as: The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from attacks that exploit human response time delays. If a malicious page elicited user...
SUSE CVE-2023-34414
The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from attacks that exploit human response time delays. If a malicious page elicited user clicks in precise locations immediately before navigating to a sit...
UBUNTU-CVE-2023-34414
The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from attacks that exploit human response time delays. If a malicious page elicited user clicks in precise locations immediately before navigating to a sit...
SUSE CVE-2014-5444
Geary before 0.6.3 does not present the user with a warning when a TLS certificate error is detected, which makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted certificate...
SUSE CVE-2014-7948
The AppCacheUpdateJob::URLFetcher::OnResponseStarted function in content/browser/appcache/appcacheupdatejob.cc in Google Chrome before 40.0.2214.91 proceeds with AppCache caching for SSL sessions even if there is an X.509 certificate error, which allows man-in-the-middle attackers to spoof HTML5...
SUSE CVE-2020-11054
In qutebrowser versions less than 1.11.1, reloading a page with certificate errors shows a green URL. After a certificate error was overridden by the user, qutebrowser displays the URL as yellow colors.statusbar.url.warn.fg. However, when the affected website was subsequently loaded again, the UR...
CVE-2022-34469
When a TLS Certificate error occurs on a domain protected by the HSTS header, the browser should not allow the user to bypass the certificate error. On Firefox for Android, the user was presented with the option to bypass the error; this could only have been done by the user explicitly. This bug...
Mozilla Firefox < 102.0
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 102.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-24 advisory. - Mozilla developers Bryce Seager van Dyk and the Mozilla Fuzzing Team reported potential vulnerabilities...
How to resolve certificate errors encountered after an upgrade of the ELM
Unable to create layers after an upgrade, One of the below errors is seen. "The issuing certificate does not have a usable private key" "Certificate doesn't contain private key"...
CentOS 8 : evolution (CESA-2019:3699)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2019:3699 advisory. - evolution-ews: all certificate errors ignored if error is ignored during initial account setup in gnome- online-accounts CVE-2019-3890 Note that Nessus has no...
Error "Failed to establish connection to Amazon S3 endpoint" or "Azure Cloud connection has returned an untrusted certificate."
Challenge When attempting to add an Object Storage Repository or use an existing Object Storage Repository the following errors occur: Connection to Amazon S3 object storage fails with the following error: Failed to load Amazon S3 Compatible configuration: Failed to establish connection to Amazon...
FreeBSD : qutebrowser -- Reloading page with certificate errors shows a green URL (452d16bb-920d-11ea-9d20-18a6f7016652)
Qutebrowser developers report : After a certificate error was overridden by the user, qutebrowser displays the URL as yellow colors.statusbar.url.warn.fg. However, when the affected website was subsequently loaded again, the URL was mistakenly displayed as green colors.statusbar.url.successhttps...
CVE-2020-11054
In qutebrowser versions less than 1.11.1, reloading a page with certificate errors shows a green URL. After a certificate error was overridden by the user, qutebrowser displays the URL as yellow colors.statusbar.url.warn.fg. However, when the affected website was subsequently loaded again, the UR...
DEBIAN-CVE-2020-11054
In qutebrowser versions less than 1.11.1, reloading a page with certificate errors shows a green URL. After a certificate error was overridden by the user, qutebrowser displays the URL as yellow colors.statusbar.url.warn.fg. However, when the affected website was subsequently loaded again, the UR...
CVE-2020-11054
In qutebrowser versions less than 1.11.1, reloading a page with certificate errors shows a green URL. After a certificate error was overridden by the user, qutebrowser displays the URL as yellow colors.statusbar.url.warn.fg. However, when the affected website was subsequently loaded again, the UR...
Code injection
In qutebrowser versions less than 1.11.1, reloading a page with certificate errors shows a green URL. After a certificate error was overridden by the user, qutebrowser displays the URL as yellow colors.statusbar.url.warn.fg. However, when the affected website was subsequently loaded again, the UR...