25 matches found
EUVD-2020-4730
Malware in sbrugna...
SUSE CVE-2024-57965
In axios before 1.7.8, lib/helpers/isURLSameOrigin.js does not use a URL object when determining an origin, and has a potentially unwanted setAttribute'href',href call. NOTE: some parties feel that the code change only addresses a warning message from a SAST tool and does not fix a vulnerability...
DEBIAN-CVE-2024-57965
In axios before 1.7.8, lib/helpers/isURLSameOrigin.js does not use a URL object when determining an origin, and has a potentially unwanted setAttribute'href',href call. NOTE: some parties feel that the code change only addresses a warning message from a SAST tool and does not fix a vulnerability...
CVE-2024-57965
In axios before 1.7.8, lib/helpers/isURLSameOrigin.js does not use a URL object when determining an origin, and has a potentially unwanted setAttribute'href',href call. NOTE: some parties feel that the code change only addresses a warning message from a SAST tool and does not fix a vulnerability...
Amazon Linux 2 : thunderbird (ALAS-2023-1945)
The version of thunderbird installed on the remote host is prior to 68.10.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1945 advisory. The Mozilla Foundation Security Advisory describes this flaw as: Due to confusion about ValueTags on JavaScript...
SUSE CVE-2020-12418
Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript. This vulnerability affects Firefox ESR 68.10, Firefox 78, and Thunderbird 68.10.0...
NewStart CGSL CORE 5.05 / MAIN 5.05 : thunderbird Multiple Vulnerabilities (NS-SA-2021-0140)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has thunderbird packages installed that are affected by multiple vulnerabilities: - If Thunderbird is configured to use STARTTLS for an IMAP server, and the server sends a PREAUTH response, then Thunderbird will continue with a...
Updated thunderbird packages fix security vulnerability
If Thunderbird is configured to use STARTTLS for an IMAP server, and the server sends a PREAUTH response, then Thunderbird will continue with an unencrypted connection, causing email data to be sent without protection CVE-2020-12398. When browsing a malicious page, a race condition in our...
Mozilla: Information disclosure due to manipulated URL object
The Mozilla Foundation Security Advisory describes this flaw as: Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript...
Mozilla: Information disclosure due to manipulated URL object
The Mozilla Foundation Security Advisory describes this flaw as: Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript...
Security Vulnerabilities fixed in Thunderbird 78 — Mozilla
When %2F was present in a manifest URL, Thunderbird's AppCache behavior may have become confused and allowed a manifest to be served from a subdirectory. This could cause the appcache to be used to service requests for the top level directory. A VideoStreamEncoder may have been freed in a race...
CVE-2020-12418
Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript. This vulnerability affects Firefox ESR 68.10, Firefox 78, and Thunderbird 68.10.0...
CVE-2020-12418
CVE-2020-12418 describes a flaw where manipulating individual parts of a URL object could cause an out-of-bounds read, leaking process memory to malicious JavaScript. Affected products per the provided data include Firefox ESR < 68.10, Firefox < 78, and Thunderbird
CVE-2020-12418
Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript. This vulnerability affects Firefox ESR 68.10, Firefox 78, and Thunderbird 68.10.0...
firefox security update
CentOS Errata and Security Advisory CESA-2020:2824 An update for firefox is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Information Disclosure
firefox is vulnerable to information disclosure. The vulnerability exists due to a manipulated URL object...
Mozilla: Information disclosure due to manipulated URL object
The Mozilla Foundation Security Advisory describes this flaw as: Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript...
Mozilla: Information disclosure due to manipulated URL object
The Mozilla Foundation Security Advisory describes this flaw as: Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript...
CVE-2020-12418
The Mozilla Foundation Security Advisory describes this flaw as: Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript...
CVE-2020-12418
Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript. This vulnerability affects Firefox ESR 68.10, Firefox 78, and Thunderbird 68.10.0...