29 matches found
Mozilla: Leaking browser history with CSS variables
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of Firefox behaving slightly differently for already known resources when loading CSS resources involving CSS variables. This flaw could probe the browser history...
Mozilla: Leaking browser history with CSS variables
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of Firefox behaving slightly differently for already known resources when loading CSS resources involving CSS variables. This flaw could probe the browser history...
UBUNTU-CVE-2022-29916
Firefox behaved slightly differently for already known resources when loading CSS resources involving CSS variables. This could have been used to probe the browser history. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100...
CVE-2022-29916
Firefox behaved slightly differently for already known resources when loading CSS resources involving CSS variables. This could have been used to probe the browser history. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100...
RHEL 8 : firefox (RHSA-2022:1705)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:1705 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
CVE-2022-29916
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of Firefox behaving slightly differently for already known resources when loading CSS resources involving CSS variables. This flaw could probe the browser history...
Mozilla Firefox 信息泄露漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from an information disclosure vulnerability that stems from the browser behaving differently when loading CSS variables from known resources, which can be exploited by an...
Security Vulnerabilities fixed in Firefox 100 — Mozilla
When reusing existing popups Firefox would have allowed them to cover the fullscreen notification UI, which could have enabled browser spoofing attacks. Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existin...
Control CSS loading with custom properties
Last week I wrote about a simple method to load CSS progressively, and on the very same day some scientists taught gravity how to wave. Coincidence? Yes. The pattern in the previous post covers the 90% case of multi-stage CSS loading, and it's really simple to understand. But would you like to he...