updating severity since an exploit exists
This commit is contained in:
Родитель
a09d58adbb
Коммит
fef9701243
|
@ -1,13 +1,13 @@
|
|||
## mfsa2024-15.yml
|
||||
announced: March 22, 2024
|
||||
impact: high
|
||||
impact: critical
|
||||
fixed_in:
|
||||
- Firefox 124.0.1
|
||||
title: Security Vulnerabilities fixed in Firefox 124.0.1
|
||||
advisories:
|
||||
CVE-2024-29943:
|
||||
title: Out-of-bounds access via Range Analysis bypass
|
||||
impact: high
|
||||
impact: critical
|
||||
reporter: Manfred Paul via Trend Micro's Zero Day Initiative
|
||||
description: |
|
||||
An attacker was able to perform an out-of-bounds read or write on a JavaScript object by fooling range-based bounds check elimination.
|
||||
|
@ -15,7 +15,7 @@ advisories:
|
|||
- url: 1886849
|
||||
CVE-2024-29944:
|
||||
title: Privileged JavaScript Execution via Event Handlers
|
||||
impact: high
|
||||
impact: critical
|
||||
reporter: Manfred Paul via Trend Micro's Zero Day Initiative
|
||||
description: |
|
||||
An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process.
|
||||
|
|
|
@ -1,13 +1,13 @@
|
|||
## mfsa2024-16.yml
|
||||
announced: March 22, 2024
|
||||
impact: high
|
||||
impact: critical
|
||||
fixed_in:
|
||||
- Firefox ESR 115.9.1
|
||||
title: Security Vulnerabilities fixed in Firefox ESR 115.9.1
|
||||
advisories:
|
||||
CVE-2024-29944:
|
||||
title: Privileged JavaScript Execution via Event Handlers
|
||||
impact: high
|
||||
impact: critical
|
||||
reporter: Manfred Paul via Trend Micro's Zero Day Initiative
|
||||
description: |
|
||||
An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process.
|
||||
|
|
Загрузка…
Ссылка в новой задаче