14 matches found
Astra Linux - уязвимость в firefox, thunderbird
By injecting a cookie with certain special characters, an attacker on a shared subdomain that is not in a secure context can set and overwrite cookies from a secure context. This leads to session fixation and other attacks. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and...
EUVD-2022-44204
Malicious code in bioql PyPI...
SUSE CVE-2022-40958
By injecting a cookie with certain special characters, an attacker on a shared subdomain which is not a secure context could set and thus overwrite cookies from a secure context, leading to session fixation and other attacks. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and...
DEBIAN-CVE-2022-40958
By injecting a cookie with certain special characters, an attacker on a shared subdomain which is not a secure context could set and thus overwrite cookies from a secure context, leading to session fixation and other attacks. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and...
Session fixation
By injecting a cookie with certain special characters, an attacker on a shared subdomain which is not a secure context could set and thus overwrite cookies from a secure context, leading to session fixation and other attacks. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and...
UBUNTU-CVE-2022-40958
By injecting a cookie with certain special characters, an attacker on a shared subdomain which is not a secure context could set and thus overwrite cookies from a secure context, leading to session fixation and other attacks. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and...
Oracle Linux 8 : firefox (ELSA-2022-6702)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-6702 advisory. 102.3.0-6.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 102.3.0-6 - Update to 102.3...
CVE-2022-40958
By injecting a cookie with certain special characters, an attacker on a shared subdomain which is not a secure context could set and thus overwrite cookies from a secure context, leading to session fixation and other attacks. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and...
Mozilla: Bypassing Secure Context restriction for cookies with __Host and __Secure prefix
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that by injecting a cookie with certain special characters, an attacker on a shared subdomain, which is not a secure context, could set and overwrite cookies from a secure context, leading to session fixatio...
Mozilla: Bypassing Secure Context restriction for cookies with __Host and __Secure prefix
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that by injecting a cookie with certain special characters, an attacker on a shared subdomain, which is not a secure context, could set and overwrite cookies from a secure context, leading to session fixatio...
Mozilla: Bypassing Secure Context restriction for cookies with __Host and __Secure prefix
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that by injecting a cookie with certain special characters, an attacker on a shared subdomain, which is not a secure context, could set and overwrite cookies from a secure context, leading to session fixatio...
Mozilla: Bypassing Secure Context restriction for cookies with __Host and __Secure prefix
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that by injecting a cookie with certain special characters, an attacker on a shared subdomain, which is not a secure context, could set and overwrite cookies from a secure context, leading to session fixatio...
Debian dla-3121 : firefox-esr - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3121 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3121-1 [email protected]...
Mozilla Firefox 注入漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox prior to version 105, which stems from the fact that by injecting a cookie with certain special characters, an attacker on a shared subdomain in a...