Lucene search
K

5 matches found

AstraLinux
AstraLinux
added 2024/11/23 3:4 a.m.4 views

Astra Linux – Vulnerability in Firefox

Firefox adds web-compatibility shims as a replacement for some tracking scripts that are blocked by Enhanced Tracking Protection. On a site protected by the Content Security Policy in “strict-dynamic” mode, an attacker who can inject an HTML element could use a DOM Clobbering attack on some of th...

6.1CVSS6.6AI score0.00461EPSS
Exploits0References3
OSV
OSV
added 2024/09/06 11:9 a.m.4 views

OESA-2024-2099 firefox security update

Mozilla Firefox is a standalone web browser, designed for standards compliance and performance. Its functionality can be enhanced via a plethora of extensions. Security Fixes: Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site...

6.1CVSS8.3AI score0.00461EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/08/13 4:56 p.m.5 views

mozilla: CSP strict-dynamic bypass using web-compatibility shims

The Mozilla Foundation Security Advisory describes this flaw as: Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element coul...

6.1CVSS7.2AI score0.00461EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/08/13 4:56 p.m.5 views

mozilla: CSP strict-dynamic bypass using web-compatibility shims

The Mozilla Foundation Security Advisory describes this flaw as: Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element coul...

6.1CVSS7.2AI score0.00461EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/08/07 2:55 a.m.2 views

SUSE CVE-2024-7524

Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and...

8.8CVSS6.1AI score0.00461EPSS
Exploits0References6
Rows per page
Query Builder