Astra Linux - уязвимость в firefox

When following a redirect to a publicly accessible web extension file, the URL may have been translated into the actual local path, potentially exposing sensitive information. This vulnerability affects Firefox versions earlier than 111...

Astra Linux – Vulnerability in Firefox

Under specific circumstances, a WebExtension may receive a jar:file:/// URI instead of a moz-extension:/// URI during a load request. This allows directory paths to be accessed on the user’s machine. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

CVE-2023-29538

Under specific circumstances a WebExtension may have received a jar:file:/// URI instead of a moz-extension:/// URI during a load request. This leaked directory paths on the user's machine. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

CVE-2017-7847

Crafted CSS in an RSS feed can leak and reveal local path strings, which may contain user name. This vulnerability affects Thunderbird 52.5.2...

Mozilla: Local path string can be leaked from RSS feed

Crafted CSS in an RSS feed can leak and reveal local path strings, which may contain user name. This vulnerability affects Thunderbird 52.5.2...

Updated thunderbird packages fix security vulnerabilities

Multiple vulnerabilities have been fixed in thunderbird. JavaScript Execution via RSS in mailbox:// origin CVE-2017-7846. Local path string can be leaked from RSS feed CVE-2017-7847. RSS Feed vulnerable to new line Injection CVE-2017-7848. Mailsploit From address with encoded null character is cu...