CVE-2023-4045 - How OffscreenCanvas Bypassed Same-Origin Policy in Firefox (Full Details and Exploit Guide)
TL;DR:
A security bug in Firefox (before version 116, ESR < 102.14 & < 115.1) let attackers use *OffscreenCanvas* to read pixels
CVE-2023-4049 - Race Condition in Reference Counting Hits Firefox — Exploit, Details, and What You Should Know
In August 2023, Mozilla patched an important vulnerability tracked as CVE-2023-4049. Found by code inspection, the security flaw is a race condition in how Firefox
CVE-2023-4046 - Deep Dive Into the Firefox WASM JIT Global Variable Vulnerability
In July 2023, Mozilla patched a notable security flaw in Firefox's handling of WebAssembly (WASM) code. Tracked as CVE-2023-4046, the vulnerability stems from
CVE-2023-3600: Analyzing the Use-After-Free Vulnerability in the Worker Lifecycle of Firefox and Thunderbird
Recently, a use-after-free vulnerability has been discovered in Firefox and Thunderbird, which could lead to a potentially exploitable crash. This vulnerability, assigned as CVE-2023-3600, affects
CVE-2023-34414 - How Missing Activation Delay on Firefox Certificate Error Pages Opened the Door to User Exploitation
_Summary:_
In 2023, security researchers discovered CVE-2023-34414, a vulnerability in Firefox and Thunderbird, where the error page for sites with invalid TLS certificates failed to
Episode
00:00:00
00:00:00