Oracle Linux 7 : firefox (ELSA-2023-4461)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-4461 advisory. 102.14.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add...

Slackware Linux 15.0 / current mozilla-firefox Multiple Vulnerabilities (SSA:2023-216-01)

The version of mozilla-firefox installed on the remote host is prior to 115.1.0esr. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-216-01 advisory. - Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image dat...

AlmaLinux 8 : firefox (ALSA-2023:4468)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:4468 advisory. - Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of...

Oracle Linux 8 : firefox (ELSA-2023-4468)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-4468 advisory. 102.14.0-1.0.1 - Updated homepages to use https Orabug: 34648274 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the...

[SECURITY] [DSA 5464-1] firefox-esr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5464-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 03, 2023 https://www.debian.org/security/faq -...

Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions

The Mozilla Foundation Security Advisory describes this flaw as: Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy...

Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions

The Mozilla Foundation Security Advisory describes this flaw as: Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy...

Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions

The Mozilla Foundation Security Advisory describes this flaw as: Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy...

Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions

The Mozilla Foundation Security Advisory describes this flaw as: Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy...

Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions

The Mozilla Foundation Security Advisory describes this flaw as: Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy...

Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions

The Mozilla Foundation Security Advisory describes this flaw as: Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy...

Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions

The Mozilla Foundation Security Advisory describes this flaw as: Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy...

Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions

The Mozilla Foundation Security Advisory describes this flaw as: Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy...

SUSE CVE-2023-4045

Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1...

SUSE CVE-2023-38572

The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. A website may be able to bypass Same Origin Policy...

SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2023:3161-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3161-1 advisory. - Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site ...

Mozilla Firefox and Firefox ESR Security Bypass Vulnerability

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the U.S. Mozilla Firefox ESR is Firefox Enterprise Edition. A security bypass vulnerability exists in Mozilla Firefox and Firefox ESR, which can be exploited by an attacker to bypass cross-domain restrictions and access...

CVE-2023-4045

The Mozilla Foundation Security Advisory describes this flaw as: Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy...

USN-6267-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2023-4047, CVE-2023-4048,...

Fedora 38 : firefox (2023-b4b8e4f1b9)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-b4b8e4f1b9 advisory. - Updated to latest upstream 116.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...