Wind River Support Network

HomeDefectsLIN1022-6349
Not to be fixed

LIN1022-6349 : Security Advisory - firefox - CVE-2024-0747

Created: Jan 23, 2024    Updated: Apr 8, 2024
Resolved Date: Apr 8, 2024
Found In Version: 10.22.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 22
Component/s: Userspace

Description

When a parent page loaded a child in an iframe with `unsafe-inline`, the parent Content Security Policy could have overridden the child Content Security Policy. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

CREATE(Triage):(User=admin) CVE-2024-0747 (https://nvd.nist.gov/vuln/detail/CVE-2024-0747)
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube