Manfred Paul discovered a flaw in the Mozilla Firefox web browser, allowing an attacker to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process.
Comment
Archive for March 23rd, 2024
3 results.
Update to version 2.13.1 Fix CVE-2024-28054
update to xen-4.18.1 rebase xen.gcc12.fixes.patch remove patches now included or superceded upstream x86: Register File Data Sampling [XSA-452, CVE-2023-28746] GhostRace: Speculative Race Conditions [XSA-453, CVE-2024-2193]