Количество 14
Количество 14
BDU:2024-06569
Уязвимость компонента Content Security Policy браузеров Firefox, Firefox ESR, позволяющая нарушителю осуществлять межсайтовые сценарные атаки
CVE-2024-7524
Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and achieved XSS, bypassing the CSP strict-dynamic protection. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1.
CVE-2024-7524
Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and achieved XSS, bypassing the CSP strict-dynamic protection. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1.
CVE-2024-7524
Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and achieved XSS, bypassing the CSP strict-dynamic protection. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1.
CVE-2024-7524
Firefox adds web-compatibility shims in place of some tracking scripts ...
GHSA-7m9h-4qg6-4hmh
Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and achieved XSS, bypassing the CSP strict-dynamic protection. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1.
RLSA-2024:5391
Important: firefox security update
ELSA-2024-5391
ELSA-2024-5391: firefox security update (IMPORTANT)
ELSA-2024-5324
ELSA-2024-5324: firefox security update (IMPORTANT)
ELSA-2024-5322
ELSA-2024-5322: firefox security update (IMPORTANT)
ROS-20240828-08
Множественные уязвимости thunderbird
ROS-20240828-03
Множественные уязвимости firefox
SUSE-SU-2024:3003-1
Security update for MozillaFirefox
SUSE-SU-2024:2876-1
Security update for MozillaFirefox
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2024-06569 Уязвимость компонента Content Security Policy браузеров Firefox, Firefox ESR, позволяющая нарушителю осуществлять межсайтовые сценарные атаки | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
 | CVE-2024-7524 Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and achieved XSS, bypassing the CSP strict-dynamic protection. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1. | CVSS3: 6.1 | 0% Низкий | больше 1 года назад |
 | CVE-2024-7524 Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and achieved XSS, bypassing the CSP strict-dynamic protection. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1. | CVSS3: 6.1 | 0% Низкий | больше 1 года назад |
 | CVE-2024-7524 Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and achieved XSS, bypassing the CSP strict-dynamic protection. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1. | CVSS3: 6.1 | 0% Низкий | больше 1 года назад |
| CVE-2024-7524 Firefox adds web-compatibility shims in place of some tracking scripts ... | CVSS3: 6.1 | 0% Низкий | больше 1 года назад |
| GHSA-7m9h-4qg6-4hmh Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and achieved XSS, bypassing the CSP strict-dynamic protection. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1. | CVSS3: 6.1 | 0% Низкий | больше 1 года назад |
 | RLSA-2024:5391 Important: firefox security update | 6 месяцев назад | ||
| ELSA-2024-5391 ELSA-2024-5391: firefox security update (IMPORTANT) | около 1 года назад | ||
| ELSA-2024-5324 ELSA-2024-5324: firefox security update (IMPORTANT) | около 1 года назад | ||
| ELSA-2024-5322 ELSA-2024-5322: firefox security update (IMPORTANT) | около 1 года назад | ||
 | ROS-20240828-08 Множественные уязвимости thunderbird | CVSS3: 8.8 | около 1 года назад | |
| ROS-20240828-03 Множественные уязвимости firefox | CVSS3: 8.8 | около 1 года назад | |
 | SUSE-SU-2024:3003-1 Security update for MozillaFirefox | около 1 года назад | ||
| SUSE-SU-2024:2876-1 Security update for MozillaFirefox | около 1 года назад |
Уязвимостей на страницу