Количество 21
Количество 21
BDU:2024-01663
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с неверной нейтрализацией особых элементов в выходных данных, используемых входящим компонентом, позволяющая нарушителю внедрить произвольные HTTP-заголовки
CVE-2024-1551
Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie response headers that would have been honored by the browser. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
CVE-2024-1551
Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie response headers that would have been honored by the browser. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
CVE-2024-1551
Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie response headers that would have been honored by the browser. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
CVE-2024-1551
Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie response headers that would have been honored by the browser. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
CVE-2024-1551
Set-Cookie response headers were being incorrectly honored in multipar ...
ROS-20240923-02
Множественные уязвимости firefox
ROS-20240923-08
Множественные уязвимости thunderbird
GHSA-cq85-4f5h-qqc4
Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie response headers that would have been honored by the browser. This vulnerability affects Firefox < 123 and Firefox ESR < 115.8.
BDU:2024-01664
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с неверной нейтрализацией особых элементов в выходных данных, используемых входящим компонентом, позволяющая нарушителю выполнить произвольный код
SUSE-SU-2024:0608-1
Security update for MozillaThunderbird
SUSE-SU-2024:0607-1
Security update for MozillaFirefox
SUSE-SU-2024:0580-1
Security update for MozillaFirefox
RLSA-2024:0955
Important: firefox security update
ELSA-2024-0976
ELSA-2024-0976: firefox security update (IMPORTANT)
ELSA-2024-0964
ELSA-2024-0964: thunderbird security update (IMPORTANT)
ELSA-2024-0963
ELSA-2024-0963: thunderbird security update (IMPORTANT)
ELSA-2024-0957
ELSA-2024-0957: thunderbird security update (IMPORTANT)
ELSA-2024-0955
ELSA-2024-0955: firefox security update (IMPORTANT)
ELSA-2024-0952
ELSA-2024-0952: firefox security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2024-01663 Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с неверной нейтрализацией особых элементов в выходных данных, используемых входящим компонентом, позволяющая нарушителю внедрить произвольные HTTP-заголовки | CVSS3: 6.1 | 0% Низкий | больше 1 года назад |
 | CVE-2024-1551 Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie response headers that would have been honored by the browser. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8. | CVSS3: 6.1 | 0% Низкий | больше 1 года назад |
 | CVE-2024-1551 Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie response headers that would have been honored by the browser. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8. | CVSS3: 6.1 | 0% Низкий | больше 1 года назад |
 | CVE-2024-1551 Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie response headers that would have been honored by the browser. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8. | CVSS3: 6.1 | 0% Низкий | больше 1 года назад |
 | CVE-2024-1551 Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie response headers that would have been honored by the browser. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8. | 0% Низкий | 2 месяца назад | |
| CVE-2024-1551 Set-Cookie response headers were being incorrectly honored in multipar ... | CVSS3: 6.1 | 0% Низкий | больше 1 года назад |
 | ROS-20240923-02 Множественные уязвимости firefox | CVSS3: 8.8 | около 1 года назад | |
| ROS-20240923-08 Множественные уязвимости thunderbird | CVSS3: 8.8 | около 1 года назад | |
| GHSA-cq85-4f5h-qqc4 Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie response headers that would have been honored by the browser. This vulnerability affects Firefox < 123 and Firefox ESR < 115.8. | CVSS3: 6.1 | 0% Низкий | больше 1 года назад |
| BDU:2024-01664 Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с неверной нейтрализацией особых элементов в выходных данных, используемых входящим компонентом, позволяющая нарушителю выполнить произвольный код | CVSS3: 6.1 | 0% Низкий | больше 1 года назад |
 | SUSE-SU-2024:0608-1 Security update for MozillaThunderbird | больше 1 года назад | ||
| SUSE-SU-2024:0607-1 Security update for MozillaFirefox | больше 1 года назад | ||
| SUSE-SU-2024:0580-1 Security update for MozillaFirefox | больше 1 года назад | ||
 | RLSA-2024:0955 Important: firefox security update | больше 1 года назад | ||
| ELSA-2024-0976 ELSA-2024-0976: firefox security update (IMPORTANT) | больше 1 года назад | ||
| ELSA-2024-0964 ELSA-2024-0964: thunderbird security update (IMPORTANT) | больше 1 года назад | ||
| ELSA-2024-0963 ELSA-2024-0963: thunderbird security update (IMPORTANT) | больше 1 года назад | ||
| ELSA-2024-0957 ELSA-2024-0957: thunderbird security update (IMPORTANT) | больше 1 года назад | ||
| ELSA-2024-0955 ELSA-2024-0955: firefox security update (IMPORTANT) | больше 1 года назад | ||
| ELSA-2024-0952 ELSA-2024-0952: firefox security update (IMPORTANT) | больше 1 года назад |
Уязвимостей на страницу