10 matches found
CVE-2022-28284
SVG's element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko's implementation was aligned with...
CVE-2022-28284
SVG's use element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko's implementation was aligned with...
CVE-2022-28284
CVE-2022-28284 affects Mozilla Firefox older than 99. The SVG element could load unexpected content and execute scripts, aligning Gecko with other browsers but diverging from spec-driven security expectations. Impact is high across confidentiality, integrity, and availability. Firefox 99 and lat...
CVE-2022-28284
SVG's use element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko's implementation was aligned with...
Mozilla Firefox Security Advisory (MFSA2022-13) - Linux
The remote host is missing an update for Mozilla Firefox, announced via the advisory MFSA2022-13. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...
Ubuntu: Security Advisory (USN-5370-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5370-1: Firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, execute script unexpectedly, obtain sensitive information, conduct spoofing attacks, or execute arbitrary...
UBUNTU-CVE-2022-28284
SVG's use element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko's implementation was aligned with...
Mozilla Firefox < 99.0
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 99.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-13 advisory. - Mozilla developers and community members Nika Layzell, Andrew McCreight, Gabriele Svelto, and the Mozilla...
Mozilla Firefox < 99.0
The version of Firefox installed on the remote Windows host is prior to 99.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-13 advisory. - Mozilla developers and community members Nika Layzell, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team...