MiracleLinux 9 : firefox-102.15.0-1.el9.ML.1 (AXSA:2023-6389:32)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6389:32 advisory. Mozilla: Memory corruption in IPC CanvasTranslator CVE-2023-4573 Mozilla: Memory corruption in IPC ColorPickerShownCallback CVE-2023-4574 Mozilla:...

MiracleLinux 7 : firefox-102.15.0-1.0.1.el7.AXS7 (AXSA:2023-6392:33)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6392:33 advisory. Mozilla: Memory corruption in IPC CanvasTranslator CVE-2023-4573 Mozilla: Memory corruption in IPC ColorPickerShownCallback CVE-2023-4574 Mozilla:...

EUVD-2022-52277

Malicious code in bioql PyPI...

CVE-2022-30334

Brave before 1.34, when a Private Window with Tor Connectivity is used, leaks .onion URLs in Referer and Origin headers. NOTE: although this was fixed by Brave, the Brave documentation still advises "Note that Private Windows with Tor Connectivity in Brave are just regular private windows that us...

Brave Desktop 1.75.175 Security Fixes

Fixed issue where audio was not being farbled in certain cases as reported on HackerOne by cesiumfusilli. - Disabled block element picker in Private Windows as reported on HackerOne by newfunction. Upgraded Chromium to 133.0.6943.54 — refer to Google Chrome advisories for inherited CVEs...

SUSE-SU-2023:3562-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Firefox was updated to Extended Support Release 115.2.0 ESR MFSA 2023-36 bsc1214606. - CVE-2023-4574: Fixed memory corruption in IPC ColorPickerShownCallback bmo1846688 - CVE-2023-4575: Fixed memory corruption in IPC FilePickerShownCallba...

SUSE-SU-2023:3559-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Firefox was updated to Extended Support Release 115.2.0 ESR MFSA 2023-36 bsc1214606. - CVE-2023-4574: Fixed memory corruption in IPC ColorPickerShownCallback bmo1846688 - CVE-2023-4575: Fixed memory corruption in IPC FilePickerShownCallba...

Mozilla: Browsing Context potentially not cleared when closing Private Window

The Mozilla Foundation Security Advisory describes this flaw as: When checking if the Browsing Context had been discarded in HttpBaseChannel, if the load group was not available then it was assumed to have already been discarded which was not always the case for private channels after the private...

Mozilla: Browsing Context potentially not cleared when closing Private Window

The Mozilla Foundation Security Advisory describes this flaw as: When checking if the Browsing Context had been discarded in HttpBaseChannel, if the load group was not available then it was assumed to have already been discarded which was not always the case for private channels after the private...

Mozilla: Browsing Context potentially not cleared when closing Private Window

The Mozilla Foundation Security Advisory describes this flaw as: When checking if the Browsing Context had been discarded in HttpBaseChannel, if the load group was not available then it was assumed to have already been discarded which was not always the case for private channels after the private...

Mozilla: Browsing Context potentially not cleared when closing Private Window

The Mozilla Foundation Security Advisory describes this flaw as: When checking if the Browsing Context had been discarded in HttpBaseChannel, if the load group was not available then it was assumed to have already been discarded which was not always the case for private channels after the private...

Mozilla: Browsing Context potentially not cleared when closing Private Window

The Mozilla Foundation Security Advisory describes this flaw as: When checking if the Browsing Context had been discarded in HttpBaseChannel, if the load group was not available then it was assumed to have already been discarded which was not always the case for private channels after the private...

Mozilla: Browsing Context potentially not cleared when closing Private Window

The Mozilla Foundation Security Advisory describes this flaw as: When checking if the Browsing Context had been discarded in HttpBaseChannel, if the load group was not available then it was assumed to have already been discarded which was not always the case for private channels after the private...

Information Disclosure

firefox is vulnerable to Information Disclosure. The vulnerability occurs within 'HttpBaseChannel' where discarded load groups weren't always unavailable, potentially resulting in browsing context not being cleared when closing a private window...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation. A security vulnerability exists in Mozilla Firefox, which originates from the possibility that the browsing environment may not be cleared when closing a private window under certain circumstances...

CVE-2022-30334

Brave before 1.34, when a Private Window with Tor Connectivity is used, leaks .onion URLs in Referer and Origin headers. NOTE: although this was fixed by Brave, the Brave documentation still advises "Note that Private Windows with Tor Connectivity in Brave are just regular private windows that us...

Design/Logic Flaw

Brave before 1.34, when a Private Window with Tor Connectivity is used, leaks .onion URLs in Referer and Origin headers. NOTE: although this was fixed by Brave, the Brave documentation still advises "Note that Private Windows with Tor Connectivity in Brave are just regular private windows that us...

CVE-2022-30334

Brave before 1.34, when a Private Window with Tor Connectivity is used, leaks .onion URLs in Referer and Origin headers. NOTE: although this was fixed by Brave, the Brave documentation still advises "Note that Private Windows with Tor Connectivity in Brave are just regular private windows that us...

PT-2022-20068 · Brave · Brave

Name of the Vulnerable Software and Affected Versions: Brave versions prior to 1.34 Description: The issue occurs when a Private Window with Tor Connectivity is used, causing .onion URLs to leak in Referer and Origin headers. Although this was fixed by Brave, the Brave documentation notes that...

Brave 信息泄露漏洞

Brave is a fast, private and secure web browser from Brave USA. A security vulnerability exists in Brave versions prior to 1.34 that stems from leaks.onion URLs appearing in the headers of Referer and Origin when using a private window with a Tor connection...