Flight 安全漏洞

Flight is a PHP microframework by Mike Cao's personal developer. A security vulnerability exists in versions prior to Flight v1.2, which stems from eager loading of the request body in the constructor of the Request class, which could lead to a denial-of-service attack...

Mozilla: Sandbox escape allowing local file system read access (MFSA 2017-12)

A mechanism to bypass file system access protections in the sandbox using the file system request constructor through an IPC message. This allows for read and write access to the local file system. This vulnerability affects Firefox ESR 52.1 and Firefox 53...