#CVE-2023-5728: Improper object tracking during GC in the JavaScript engine could have led to a crash. Note: This issue only affected Windows operating systems. appxbundle files, which can run commands on a user's computer. The executable file warning was not presented when downloading. appxbundle files on Windows Reporter Marco Bonardo Impact moderate Description #CVE-2023-5727: Download Protections were bypassed by. Note: This issue only affected macOS operating systems. This could have led to user confusion and possible spoofing attacks. #CVE-2023-5726: Full screen notification obscured by file open dialog on macOS Reporter Edgar Chen and Hafiizh Impact moderate DescriptionĪ website could have obscured the full screen notification by using the file open dialog. #CVE-2023-5725: WebExtensions could open arbitrary URLs Reporter Shaheen Fazim Impact moderate DescriptionĪ malicious installed WebExtension could open arbitrary URLs, which under the right circumstance could be leveraged to collect sensitive user data. #CVE-2023-5724: Large WebGL draw could have led to a crash Reporter pwn2car Impact moderate Descriptionĭrivers are not always robust to extremely large draw calls and in some cases this scenario could have led to a crash. #CVE-2023-5723: Invalid cookie characters could have led to unexpected errors Reporter Daniel Veditz Impact moderate DescriptionĪn attacker with temporary script access to a site could have set a cookie containing invalid characters using okie that could have led to unknown errors. Using iterative requests an attacker was able to learn the size of an opaque response, as well as the contents of a server-supplied Vary header. #CVE-2023-5722: Cross-Origin size and header leakage Reporter annevk Impact moderate Description It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay. #CVE-2023-5721: Queued up rendering could have allowed websites to clickjack Reporter Kelsey Gilbert Impact high Description Mozilla Foundation Security Advisory 2023-45 Security Vulnerabilities fixed in Firefox 119 Announced OctoImpact high Products Firefox Fixed in
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |