8438 matches found
Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions
The Mozilla Foundation Security Advisory describes this flaw as: Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy...
Debian: Security Advisory (DSA-5468-1)
The remote host is missing an update for the Debian...
Same-Origin Policy Bypass
Chromium is vulnerable to Same-Origin Policy Bypass. The vulnerability exists due to insufficient policy enforcement in Intents of the library, allowing an attacker to bypass same-origin policy via a maliciously crafted HTML page...
CVE-2023-0264
A flaw was found in Keycloak's OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue...
AlmaLinux 8 : firefox (ALSA-2023:4468)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:4468 advisory. - Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of...
AlmaLinux 9 : firefox (ALSA-2023:4462)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4462 advisory. - Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of...
Oracle Linux 7 : firefox (ELSA-2023-4461)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-4461 advisory. 102.14.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add...
Debian DSA-5464-1 : firefox-esr - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5464 advisory. Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, bypass of the...
Oracle Linux 8 : firefox (ELSA-2023-4468)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-4468 advisory. 102.14.0-1.0.1 - Updated homepages to use https Orabug: 34648274 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the...
Slackware Linux 15.0 / current mozilla-firefox Multiple Vulnerabilities (SSA:2023-216-01)
The version of mozilla-firefox installed on the remote host is prior to 115.1.0esr. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-216-01 advisory. - Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image dat...
[SECURITY] [DSA 5464-1] firefox-esr security update
Debian Security Advisory DSA-5464-1, https://www.debian.org/security/, Moritz Muehlenhoff, August 03, 2023, https://www.debian.org/security/faq ...