SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2021:14609-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:14609-1 advisory. - When a HTTPS pages was embedded in a HTTP page, and there was a service worker registered for the former, the service worker could have...

UBUNTU-CVE-2020-26976

When a HTTPS pages was embedded in a HTTP page, and there was a service worker registered for the former, the service worker could have intercepted the request for the secure page despite the iframe not being a secure context due to the insecure framing. This vulnerability affects Firefox 84...

CVE-2016-5132

The Service Workers subsystem in Google Chrome before 52.0.2743.82 does not properly implement the Secure Contexts specification during decisions about whether to control a subframe, which allows remote attackers to bypass the Same Origin Policy via an https IFRAME element inside an http IFRAME...

CVE-2009-2067

Opera detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site, related...