Количество 18
Количество 18
BDU:2022-04382
Уязвимость реализации механизма CORS (Cross-Origin Resource Sharing) браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю обойти ограничения безопасности и получить несанкционированный доступ к защищаемой информации
CVE-2022-31742
An attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have led to cross-origin account linking in violation of WebAuthn goals. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
CVE-2022-31742
An attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have led to cross-origin account linking in violation of WebAuthn goals. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
CVE-2022-31742
An attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have led to cross-origin account linking in violation of WebAuthn goals. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
CVE-2022-31742
An attacker could have exploited a timing attack by sending a large nu ...
GHSA-5frx-2qvr-6r92
An attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have led to cross-origin account linking in violation of WebAuthn goals. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
RLSA-2022:4872
Important: firefox security update
ELSA-2022-4873
ELSA-2022-4873: firefox security update (IMPORTANT)
ELSA-2022-4872
ELSA-2022-4872: firefox security update (IMPORTANT)
ELSA-2022-4870
ELSA-2022-4870: firefox security update (IMPORTANT)
SUSE-SU-2022:1927-1
Security update for MozillaFirefox
SUSE-SU-2022:1921-1
Security update for MozillaFirefox
SUSE-SU-2022:1920-1
Security update for MozillaFirefox
RLSA-2022:4887
Important: thunderbird security update
ELSA-2022-4892
ELSA-2022-4892: thunderbird security update (IMPORTANT)
ELSA-2022-4891
ELSA-2022-4891: thunderbird security update (IMPORTANT)
ELSA-2022-4887
ELSA-2022-4887: thunderbird security update (IMPORTANT)
SUSE-SU-2022:2062-1
Security update for MozillaThunderbird
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2022-04382 Уязвимость реализации механизма CORS (Cross-Origin Resource Sharing) браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю обойти ограничения безопасности и получить несанкционированный доступ к защищаемой информации | CVSS3: 6.1 | 0% Низкий | около 3 лет назад |
 | CVE-2022-31742 An attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have led to cross-origin account linking in violation of WebAuthn goals. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10. | CVSS3: 6.5 | 0% Низкий | больше 2 лет назад |
 | CVE-2022-31742 An attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have led to cross-origin account linking in violation of WebAuthn goals. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10. | CVSS3: 6.1 | 0% Низкий | около 3 лет назад |
 | CVE-2022-31742 An attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have led to cross-origin account linking in violation of WebAuthn goals. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10. | CVSS3: 6.5 | 0% Низкий | больше 2 лет назад |
| CVE-2022-31742 An attacker could have exploited a timing attack by sending a large nu ... | CVSS3: 6.5 | 0% Низкий | больше 2 лет назад |
| GHSA-5frx-2qvr-6r92 An attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have led to cross-origin account linking in violation of WebAuthn goals. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10. | CVSS3: 6.5 | 0% Низкий | больше 2 лет назад |
 | RLSA-2022:4872 Important: firefox security update | около 3 лет назад | ||
| ELSA-2022-4873 ELSA-2022-4873: firefox security update (IMPORTANT) | около 3 лет назад | ||
| ELSA-2022-4872 ELSA-2022-4872: firefox security update (IMPORTANT) | около 3 лет назад | ||
| ELSA-2022-4870 ELSA-2022-4870: firefox security update (IMPORTANT) | около 3 лет назад | ||
 | SUSE-SU-2022:1927-1 Security update for MozillaFirefox | около 3 лет назад | ||
| SUSE-SU-2022:1921-1 Security update for MozillaFirefox | около 3 лет назад | ||
| SUSE-SU-2022:1920-1 Security update for MozillaFirefox | около 3 лет назад | ||
| RLSA-2022:4887 Important: thunderbird security update | около 3 лет назад | ||
| ELSA-2022-4892 ELSA-2022-4892: thunderbird security update (IMPORTANT) | около 3 лет назад | ||
| ELSA-2022-4891 ELSA-2022-4891: thunderbird security update (IMPORTANT) | около 3 лет назад | ||
| ELSA-2022-4887 ELSA-2022-4887: thunderbird security update (IMPORTANT) | около 3 лет назад | ||
| SUSE-SU-2022:2062-1 Security update for MozillaThunderbird | около 3 лет назад |
Уязвимостей на страницу