Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2022/12/22 12:0 a.m.6 views

CVE-2022-31742

An attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have led to cross-origin account linking in violation of WebAuthn goals. This vulnerability affec...

5.9AI score0.00594EPSS
Exploits0References4
Mageia
Mageia
added 2022/06/04 8:25 p.m.57 views

Updated thunderbird packages fix security vulnerability

When displaying the sender of an email, and the sender name contained the Braille Pattern Blank space character multiple times, Thunderbird would have displayed all the spaces. This could have been used by an attacker to send an email message with the attacker's digital signature, that was shown...

9.8CVSS0.5AI score0.01055EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/06/01 10:21 p.m.6 views

Mozilla: Querying a WebAuthn token with a large number of allowCredential entries may have leaked cross-origin information

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue as an attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have...

6.5CVSS7.3AI score0.00594EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2022/06/01 12:0 a.m.40 views

CVE-2022-31742

An attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have led to cross-origin account linking in violation of WebAuthn goals. This vulnerability affec...

6.5CVSS6.9AI score0.00594EPSS
Exploits0References6
Rows per page
Query Builder