exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2022-28284

почти 3 года назад

SVG's <code><use></code> element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko's implementation was aligned with theirs. This vulnerability affects Firefox < 99.

CVSS3: 8.8

EPSS: Низкий

CVE-2022-28284

почти 3 года назад

SVG's <code><use></code> element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko's implementation was aligned with theirs. This vulnerability affects Firefox < 99.

CVSS3: 8.8

EPSS: Низкий

CVE-2022-28284

почти 3 года назад

SVG's <code><use></code> element could have been used to load un ...

CVSS3: 8.8

EPSS: Низкий

GHSA-5g34-x2rf-m7v6

почти 3 года назад

SVG's <code><use></code> element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko's implementation was aligned with theirs. This vulnerability affects Firefox < 99.

CVSS3: 8.8

EPSS: Низкий

BDU:2022-05101

больше 3 лет назад

Уязвимость реализации элемента SVG <use> браузера Mozilla Firefox, позволяющая нарушителю выполнить произвольный код JavaScript

CVSS3: 6.1

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2022-28284 SVG's <code><use></code> element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko's implementation was aligned with theirs. This vulnerability affects Firefox < 99.	CVSS3: 8.8	0% Низкий	почти 3 года назад
CVE-2022-28284 SVG's <code><use></code> element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko's implementation was aligned with theirs. This vulnerability affects Firefox < 99.	CVSS3: 8.8	0% Низкий	почти 3 года назад
CVE-2022-28284 SVG's <code><use></code> element could have been used to load un ...	CVSS3: 8.8	0% Низкий	почти 3 года назад
GHSA-5g34-x2rf-m7v6 SVG's <code><use></code> element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko's implementation was aligned with theirs. This vulnerability affects Firefox < 99.	CVSS3: 8.8	0% Низкий	почти 3 года назад
BDU:2022-05101 Уязвимость реализации элемента SVG <use> браузера Mozilla Firefox, позволяющая нарушителю выполнить произвольный код JavaScript	CVSS3: 6.1	0% Низкий	больше 3 лет назад

Уязвимостей на страницу