Awaiting Analysis
CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Products
Firefox
- < 127
- < 115.12
Source
security@mozilla.org
Tags
CVE-2024-5693 details
Published : June 11, 2024, 1:15 p.m.
Last Modified : June 11, 2024, 1:54 p.m.
Last Modified : June 11, 2024, 1:54 p.m.
Description
Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 127 and Firefox ESR < 115.12.
CVSS Score
| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
|---|
Weakness
| Weakness | Name | Description |
|---|
References
| URL | Source |
|---|---|
| https://bugzilla.mozilla.org/show_bug.cgi?id=1891319 | security@mozilla.org |
| https://www.mozilla.org/security/advisories/mfsa2024-25/ | security@mozilla.org |
| https://www.mozilla.org/security/advisories/mfsa2024-26/ | security@mozilla.org |
This website uses the NVD API, but is not approved or certified by it.