19 matches found
MAL-2025-142443 Malicious code in fetch-event-cosmiconfig-chalk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 553b1de624bc1c101df86ed334fbb6c5575ad72d38d45302ba2c4709aff2df39 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-113668
Malicious code in fetch-event-cosmiconfig-chalk npm...
MAL-2025-144876 Malicious code in metalsmith-elektra-fetch-event (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 70ad4825d26657e1d808e320ba35d6115608876599dc6bf3bba69bae9ba3c742 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-120640
Malicious code in wasat-fetch-event-airbnb npm...
EUVD-2025-111239
Malicious code in metalsmith-elektra-fetch-event npm...
When a ServiceWorker intercepted a request with <code>FetchEvent</code>, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec and then in browsers. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
...
SUSE CVE-2022-45410
When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec and then in browsers. This vulnerability affects Firefox ESR...
DEBIAN-CVE-2022-45410
When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec and then in browsers. This vulnerability affects Firefox ESR...
Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy
The Mozilla Foundation Security Advisory describes this flaw as: When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec...
Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy
The Mozilla Foundation Security Advisory describes this flaw as: When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec...
Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy
The Mozilla Foundation Security Advisory describes this flaw as: When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec...
Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy
The Mozilla Foundation Security Advisory describes this flaw as: When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec...
Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy
The Mozilla Foundation Security Advisory describes this flaw as: When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec...
Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy
The Mozilla Foundation Security Advisory describes this flaw as: When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec...
Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy
The Mozilla Foundation Security Advisory describes this flaw as: When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec...
Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy
The Mozilla Foundation Security Advisory describes this flaw as: When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec...
Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy
The Mozilla Foundation Security Advisory describes this flaw as: When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec...
UBUNTU-CVE-2022-45410
When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec and then in browsers. This vulnerability affects Firefox ESR...
Service workers and base URIs
Previously when we've run into a contentious service worker design issue, we've asked web developers what they think. This has worked out pretty well in the past, with developer feedback directly informing spec changes. It's also great because we can blame y'all if you pick the wrong thing. Well,...