exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2022-28284

около 3 лет назад

SVG's <code><use></code> element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko's implementation was aligned with theirs. This vulnerability affects Firefox < 99.

CVSS3: 8.8

EPSS: Низкий

CVE-2022-28284

около 3 лет назад

SVG's <code><use></code> element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko's implementation was aligned with theirs. This vulnerability affects Firefox < 99.

CVSS3: 8.8

EPSS: Низкий

CVE-2022-28284

около 3 лет назад

SVG's <code><use></code> element could have been used to load un ...

CVSS3: 8.8

EPSS: Низкий

GHSA-5g34-x2rf-m7v6

около 3 лет назад

SVG's <code><use></code> element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko's implementation was aligned with theirs. This vulnerability affects Firefox < 99.

CVSS3: 8.8

EPSS: Низкий

BDU:2022-05101

почти 4 года назад

Уязвимость реализации элемента SVG <use> браузера Mozilla Firefox, позволяющая нарушителю выполнить произвольный код JavaScript

CVSS3: 6.1

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2022-28284 SVG's <code><use></code> element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko's implementation was aligned with theirs. This vulnerability affects Firefox < 99.	CVSS3: 8.8	0% Низкий	около 3 лет назад
CVE-2022-28284 SVG's <code><use></code> element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko's implementation was aligned with theirs. This vulnerability affects Firefox < 99.	CVSS3: 8.8	0% Низкий	около 3 лет назад
CVE-2022-28284 SVG's <code><use></code> element could have been used to load un ...	CVSS3: 8.8	0% Низкий	около 3 лет назад
GHSA-5g34-x2rf-m7v6 SVG's <code><use></code> element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko's implementation was aligned with theirs. This vulnerability affects Firefox < 99.	CVSS3: 8.8	0% Низкий	около 3 лет назад
BDU:2022-05101 Уязвимость реализации элемента SVG <use> браузера Mozilla Firefox, позволяющая нарушителю выполнить произвольный код JavaScript	CVSS3: 6.1	0% Низкий	почти 4 года назад

Уязвимостей на страницу