#CVE-2023-32211: Content process crash due to invalid wasm code Reporter P1umer and xmzyshypnc Impact moderate DescriptionĪ type checking bug would have led to invalid code being compiled. #CVE-2023-32207: Potential permissions request bypass via clickjacking Reporter Hafiizh Impact high DescriptionĪ missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions. #CVE-2023-32206: Crash in RLBox Expat driver Reporter Irvan Kurniawan Impact high DescriptionĪn out-of-bound read could have led to a crash in the RLBox Expat driver.
These could have led to potential user confusion and spoofing attacks.
In multiple cases browser prompts could have been obscured by popups controlled by content. #CVE-2023-32205: Browser prompts could have been obscured by popups Reporter Alesandro Ortiz Impact high Description Mozilla Foundation Security Advisory 2023-18 Security Vulnerabilities fixed in Thunderbird 102.11 Announced Impact high Products Thunderbird Fixed in
0 kommentar(er)
