Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:1 a.m.8 views

CVE-2023-52081

ffcss is a CLI interface to apply and configure Firefox CSS themes. Prior to 0.2.0, the function lookupPreprocess is meant to apply some transformations to a string by disabling characters in the regex - .. However, due to the use of late Unicode normalization of type NFKD, it is possible to bypa...

5.3CVSS6.7AI score0.00522EPSS
Exploits1References1
NVD
NVD
added 2023/12/28 4:16 p.m.37 views

CVE-2023-52081

ffcss is a CLI interface to apply and configure Firefox CSS themes. Prior to 0.2.0, the function lookupPreprocess is meant to apply some transformations to a string by disabling characters in the regex - .. However, due to the use of late Unicode normalization of type NFKD, it is possible to bypa...

5.3CVSS0.00522EPSS
Exploits1References2
CVE
CVE
added 2023/12/28 3:34 p.m.43 views

CVE-2023-52081

ffcss (the Firefox CSS themes CLI) before version 0.2.0 contains a vulnerability in lookupPreprocess() where late Unicode normalization (NFKD) can bypass the intended regex filter and reintroduce characters like _ and ., allowing relaxed theme searches. The security impact is described as low and...

5.3CVSS5.1AI score0.00522EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2023/12/28 3:34 p.m.41 views

CVE-2023-52081 ewen-lbh/ffcss late-Unicode normalization vulnerability

ffcss is a CLI interface to apply and configure Firefox CSS themes. Prior to 0.2.0, the function lookupPreprocess is meant to apply some transformations to a string by disabling characters in the regex - .. However, due to the use of late Unicode normalization of type NFKD, it is possible to bypa...

5.3CVSS5.4AI score0.00522EPSS
Exploits1References2
Rows per page
Query Builder