发布于3月6日3月6日 Members Amazon Linux AMI 2: CVE-2023-6867: Security patch for firefox (ALASFIREFOX-2024-018) Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 12/19/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox ESR < 115.6 and Firefox < 121. Solution(s) amazon-linux-ami-2-upgrade-firefox amazon-linux-ami-2-upgrade-firefox-debuginfo References https://attackerkb.com/topics/cve-2023-6867 AL2/ALASFIREFOX-2024-018 CVE - 2023-6867
参与讨论
你可立刻发布并稍后注册。 如果你有帐户,立刻登录发布帖子。
注意:你的帖子需要版主批准后才能看到。