admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-07 13:36:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-344xx/CVE-2023-34415.json

24 lines
973 B
JSON
Raw Normal View History

Auto-Update: 2023-06-19T12:00:26.464934+00:00
2023-06-19 12:00:30 +00:00
{
"id": "CVE-2023-34415",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-06-19T11:15:10.980",
Auto-Update: 2023-06-20T08:51:49.899643+00:00
2023-06-20 08:51:53 +00:00
"lastModified": "2023-06-20T07:12:55.493",
"vulnStatus": "Awaiting Analysis",
Auto-Update: 2023-06-19T12:00:26.464934+00:00
2023-06-19 12:00:30 +00:00
"descriptions": [
{
"lang": "en",
"value": "When choosing a site-isolated process for a document loaded from a data: URL that was the result of a redirect, Firefox would load that document in the same process as the site that issued the redirect. This bypassed the site-isolation protections against Spectre-like attacks on sites that host an \"open redirect\". Firefox no longer follows HTTP redirects to data: URLs. This vulnerability affects Firefox < 114."
}
],
"metrics": {},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1811999",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-20/",
"source": "security@mozilla.org"
}
]
}
Reference in New Issue Copy Permalink