10 matches found
CVE-2026-8318
The vulnerability affects VectifyAI PageIndex (PDF Table of Contents Handler) specifically the toc_transformer in pageindex/page_index.py. The issue causes an infinite loop due to the underlying manipulation, and is described as exploitable remotely. The description notes rolling releases with no...
firefox: thunderbird: Cross-origin access to PDF contents through multipart responses
A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the resource://pdf.js origin. This could allow them to access cross-origin PDF content. This...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 128.3.1 ESR MFSA 2024-51 bsc1231413 CVE-2024-9680: Use-after-free in Animation timeline bmo1923344 Also includes the following CVEs from MFSA 2024-47 bsc1230979 CVE-2024-9392: Compromised content...
firefox: thunderbird: Cross-origin access to PDF contents through multipart responses
A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the resource://pdf.js origin. This could allow them to access cross-origin PDF content. This...
firefox: thunderbird: Cross-origin access to PDF contents through multipart responses
A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the resource://pdf.js origin. This could allow them to access cross-origin PDF content. This...
firefox: thunderbird: Cross-origin access to PDF contents through multipart responses
A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the resource://pdf.js origin. This could allow them to access cross-origin PDF content. This...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 128.3.0 ESR MFSA-2024-47, bsc1230979: CVE-2024-8900: Clipboard write permission bypass CVE-2024-9392: Compromised content process can bypass site isolation CVE-2024-9393: Cross-origin access to P...
Mozilla Firefox Security Update (MFSA2024-46) - Windows
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
Mozilla Firefox Security Update (MFSA2024-46) - Mac OS X
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
firefox: thunderbird: Cross-origin access to PDF contents through multipart responses
A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the resource://pdf.js origin. This could allow them to access cross-origin PDF content. This...