cleantalk
Vulnerabilities and Security Researches

Tainacan, CVE-2024-4367

CVE, Research URL

CVE-2024-4367

Home page URL

Security reports for Tainacan

Application

Tainacan

Published on
May 14, 2024
Research Description
A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
Affected versions
Min -, max 0.21.6.
Status
vulnerable
Previous vulnerability researches
BSK PDF Manager (CVE-2021-24860) , Jun 07, 2024
BSK PDF Manager (CVE-2014-4944) , Jun 07, 2024
BSK PDF Manager (CVE-2023-5110) , Jun 07, 2024
BSK PDF Manager (CVE-2024-38767) , Jul 19, 2024
BSK PDF Manager (CVE-2024-4367) , Jul 22, 2024
New vulnerability
WordPress Plugin for Google Maps &#8211; WP MAPS (CVE-2025-3502) , May 07, 2025
WordPress Plugin for Google Maps &#8211; WP MAPS (CVE-2025-3503) , May 07, 2025
Category Widget (CVE-2025-46515) , May 07, 2025
Search Exclude (CVE-2025-2821) , May 07, 2025
IGIT Related Posts With Thumb Image After Posts (CVE-2025-46518) , May 07, 2025