Today > vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-5693

June 11, 2024, 1:54 p.m.

Tags

security@mozilla.org
2024-06-11
CVE-2024-5693

Product(s) Impacted

Firefox

  • < 127
  • < 115.12

Description

Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 127 and Firefox ESR < 115.12.

Weaknesses

Date

Published: June 11, 2024, 1:15 p.m.

Last Modified: June 11, 2024, 1:54 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

security@mozilla.org

References

https://bugzilla.mozilla.org/ security@mozilla.org
https://www.mozilla.org/ security@mozilla.org
https://www.mozilla.org/ security@mozilla.org