Количество 20
Количество 20
BDU:2023-00602
Уязвимость браузеров Mozilla Firefox и Firefox ESR, связанная с ошибками при интерпретации данных, загруженных несколькими способами, позволяющая нарушителю читать произвольные файлы
CVE-2023-23598
Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to <code>DataTransfer.setData</code>. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7.
CVE-2023-23598
Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to <code>DataTransfer.setData</code>. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7.
CVE-2023-23598
Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to <code>DataTransfer.setData</code>. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7.
CVE-2023-23598
Due to the Firefox GTK wrapper code's use of text/plain for drag data ...
GHSA-h2qp-p99q-hmrr
Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to <code>DataTransfer.setData</code>. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7.
SUSE-SU-2023:0113-1
Security update for MozillaFirefox
SUSE-SU-2023:0112-1
Security update for MozillaFirefox
SUSE-SU-2023:0111-1
Security update for MozillaFirefox
RLSA-2023:0476
Important: thunderbird security update
RLSA-2023:0463
Important: thunderbird security update
RLSA-2023:0288
Important: firefox security update
RLSA-2023:0285
Important: firefox security update
ELSA-2023-0476
ELSA-2023-0476: thunderbird security update (IMPORTANT)
ELSA-2023-0463
ELSA-2023-0463: thunderbird security update (IMPORTANT)
ELSA-2023-0456
ELSA-2023-0456: thunderbird security update (IMPORTANT)
ELSA-2023-0296
ELSA-2023-0296: firefox security update (IMPORTANT)
ELSA-2023-0288
ELSA-2023-0288: firefox security update (IMPORTANT)
ELSA-2023-0285
ELSA-2023-0285: firefox security update (IMPORTANT)
SUSE-SU-2023:0329-1
Security update for MozillaThunderbird
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2023-00602 Уязвимость браузеров Mozilla Firefox и Firefox ESR, связанная с ошибками при интерпретации данных, загруженных несколькими способами, позволяющая нарушителю читать произвольные файлы | CVSS3: 7.5 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-23598 Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to <code>DataTransfer.setData</code>. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7. | CVSS3: 6.5 | 0% Низкий | около 2 лет назад |
 | CVE-2023-23598 Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to <code>DataTransfer.setData</code>. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7. | CVSS3: 7.5 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-23598 Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to <code>DataTransfer.setData</code>. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7. | CVSS3: 6.5 | 0% Низкий | около 2 лет назад |
| CVE-2023-23598 Due to the Firefox GTK wrapper code's use of text/plain for drag data ... | CVSS3: 6.5 | 0% Низкий | около 2 лет назад |
| GHSA-h2qp-p99q-hmrr Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to <code>DataTransfer.setData</code>. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7. | CVSS3: 6.5 | 0% Низкий | около 2 лет назад |
 | SUSE-SU-2023:0113-1 Security update for MozillaFirefox | больше 2 лет назад | ||
| SUSE-SU-2023:0112-1 Security update for MozillaFirefox | больше 2 лет назад | ||
| SUSE-SU-2023:0111-1 Security update for MozillaFirefox | больше 2 лет назад | ||
 | RLSA-2023:0476 Important: thunderbird security update | больше 2 лет назад | ||
| RLSA-2023:0463 Important: thunderbird security update | больше 2 лет назад | ||
| RLSA-2023:0288 Important: firefox security update | больше 2 лет назад | ||
| RLSA-2023:0285 Important: firefox security update | больше 2 лет назад | ||
| ELSA-2023-0476 ELSA-2023-0476: thunderbird security update (IMPORTANT) | больше 2 лет назад | ||
| ELSA-2023-0463 ELSA-2023-0463: thunderbird security update (IMPORTANT) | больше 2 лет назад | ||
| ELSA-2023-0456 ELSA-2023-0456: thunderbird security update (IMPORTANT) | больше 2 лет назад | ||
| ELSA-2023-0296 ELSA-2023-0296: firefox security update (IMPORTANT) | больше 2 лет назад | ||
| ELSA-2023-0288 ELSA-2023-0288: firefox security update (IMPORTANT) | больше 2 лет назад | ||
| ELSA-2023-0285 ELSA-2023-0285: firefox security update (IMPORTANT) | больше 2 лет назад | ||
| SUSE-SU-2023:0329-1 Security update for MozillaThunderbird | больше 2 лет назад |
Уязвимостей на страницу