Lucene search

6 matches found

Tenable Nessus
added 2026/01/20 12:0 a.m. | 5 views

MiracleLinux 8 : firefox-102.7.0-1.el8.ML.1 (AXSA:2023-4857:04)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-4857:04 advisory. Mozilla: libusrsctp library out of date (CVE-2022-46871); Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598); Mozilla: Memory...

CVSS 8.8 | AI score 8.3 | EPSS 0.00892
Exploits: 0 | References: 9
OSV
added 2023/02/07 12:6 a.m. | 7 views

MGASA-2023-0034 Updated thunderbird packages fix security vulnerability

libusrsctp library out of date (CVE-2022-46871). Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598). URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601). Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers...

CVSS 8.8 | AI score 7.3 | EPSS 0.00892
Exploits: 0 | References: 8
RedHat Linux
added 2023/01/25 3:29 p.m. | 4 views

Mozilla: Calls to console.log allowed bypassing Content Security Policy via format directive

The Mozilla Foundation Security Advisory describes this flaw as: Regular expressions used to filter out forbidden properties and values from style directives in calls to console.log weren't accounting for external URLs. Data could then be potentially exfiltrated from the browser...

CVSS 6.5 | AI score 7.3 | EPSS 0.00641
Exploits: 0 | References: 6
RedHat Linux
added 2023/01/25 3:27 p.m. | 3 views

Mozilla: Calls to console.log allowed bypassing Content Security Policy via format directive

The Mozilla Foundation Security Advisory describes this flaw as: Regular expressions used to filter out forbidden properties and values from style directives in calls to console.log weren't accounting for external URLs. Data could then be potentially exfiltrated from the browser...

CVSS 6.5 | AI score 7.3 | EPSS 0.00641
Exploits: 0 | References: 6
RedHat Linux
added 2023/01/23 10:3 a.m. | 2 views

Mozilla: Calls to console.log allowed bypassing Content Security Policy via format directive

The Mozilla Foundation Security Advisory describes this flaw as: Regular expressions used to filter out forbidden properties and values from style directives in calls to console.log weren't accounting for external URLs. Data could then be potentially exfiltrated from the browser...

CVSS 6.5 | AI score 7.3 | EPSS 0.00641
Exploits: 0 | References: 6
RedHat Linux
added 2023/01/23 9:30 a.m. | 5 views

Mozilla: Calls to console.log allowed bypassing Content Security Policy via format directive

The Mozilla Foundation Security Advisory describes this flaw as: Regular expressions used to filter out forbidden properties and values from style directives in calls to console.log weren't accounting for external URLs. Data could then be potentially exfiltrated from the browser...

CVSS 6.5 | AI score 7.3 | EPSS 0.00641
Exploits: 0 | References: 6