Lucene search
K

4 matches found

OpenVAS
OpenVAS
added 2021/11/08 12:0 a.m.25 views

Mozilla Firefox Security Advisory (MFSA2020-01) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

8.8CVSS7.7AI score0.02489EPSS
Exploits1References9
CVE
CVE
added 2020/01/08 9:29 p.m.172 views

CVE-2019-17020

CVE-2019-17020 affects Firefox before 72.0. The issue is a Content Security Policy bypass where an XML file served with CSP includes an XSL stylesheet, and the CSP is not applied to the XSL contents (e.g., JavaScript), bypassing restrictions on the XML document. Impact is CSP bypass via XSL in XM...

6.5CVSS6.5AI score0.01145EPSS
Exploits0References3Affected Software1
AlpineLinux
AlpineLinux
added 2020/01/08 9:29 p.m.43 views

CVE-2019-17020

If an XML file is served with a Content Security Policy and the XML file includes an XSL stylesheet, the Content Security Policy will not be applied to the contents of the XSL stylesheet. If the XSL sheet e.g. includes JavaScript, it would bypass any of the restrictions of the Content Security...

6.5CVSS6.8AI score0.01145EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/01/08 12:0 a.m.42 views

Mozilla Firefox < 72.0

The version of Firefox installed on the remote Windows host is prior to 72.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-01 advisory. - Mozilla developers Karl Tomlinson, Jason Kratzer, Tyson Smith, Jon Coppeard, and Christian Holler reported memory safet...

8.8CVSS7.9AI score0.02489EPSS
Exploits2References12
Rows per page
Query Builder