cleantalk
Vulnerabilities and Security Researches

Tainacan, CVE-2024-4367

CVE, Research URL

CVE-2024-4367

Home page URL

Security reports for Tainacan

Application

Tainacan

Published on
May 14, 2024
Research Description
A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
Affected versions
Min -, max 0.21.6.
Status
vulnerable
Previous vulnerability researches
External image replace (CVE-2025-30535) , Mar 26, 2025
External image replace (CVE-2025-4279) , May 06, 2025
New vulnerability
BP Messages Tool (CVE-2025-43839) , May 07, 2025
EC Authorize.net (CVE-2025-46487) , May 07, 2025
TablePress &#8211; Tables in WordPress made easy (CVE-2024-45293) , May 07, 2025
Newsletter &#8211; Send awesome emails from WordPress (CVE-2025-3583) , May 07, 2025
Insert PHP Code Snippet (CVE-2024-43275) , May 07, 2025