Vulnerabilities and Security Researches

Tainacan, CVE-2024-4367

CVE, Research URL: CVE-2024-4367
Home page URL: Security reports for Tainacan
Application: Tainacan
Published on: May 14, 2024
Research Description: A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
Affected versions: Min -, max 0.21.6.
Status: vulnerable