Showing 26 - 28 of 28

CVE-2023-4045

Status Candidate

Overview

Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

Related Files

Red Hat Security Advisory 2023-4463-01: Posted Aug 4, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-4463-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.14.0 ESR. Issues addressed include buffer overflow and bypass vulnerabilities.; tags | advisory, web, overflow, vulnerability; systems | linux, redhat; advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057; SHA-256 | 4ebfd9470307ee6efdcf1331c5c8cf44406bb65810dbd074149d73e2131a046d; Download | Favorite | View

Red Hat Security Advisory 2023-4462-01: Posted Aug 4, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-4462-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.14.0 ESR. Issues addressed include buffer overflow and bypass vulnerabilities.; tags | advisory, web, overflow, vulnerability; systems | linux, redhat; advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057; SHA-256 | ac334472e16a49a84869d79eb012501d1c1db4b461779a5531bafd208158eebc; Download | Favorite | View

Ubuntu Security Notice USN-6267-1: Posted Aug 2, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6267-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Max Vlasov discovered that Firefox Offscreen Canvas did not properly track cross-origin tainting. An attacker could potentially exploit this issue to access image data from another site in violation of same-origin policy.; tags | advisory, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057; SHA-256 | 51b1cc97de6f469ebee1cb6c9eb78f96f74f91edddd7253d5beec2a0426b7fd1; Download | Favorite | View

Page 2 of 2 Back 1 2 Next

Top Authors In Last 30 Days

Red Hat 239 files
indoushka 139 files
Ubuntu 79 files
Gentoo 33 files
Debian 26 files
Sebastian Hamann 8 files
Jann Horn 7 files
Google Security Research 6 files
Moritz Abrell 6 files
Jaggar Henry 6 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,110)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,567)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,941)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,657)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,783)
UNIX (9,443)
UnixWare (187)
Windows (6,679)
Other

CVE-2023-4045

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems