CVE-2024-4367

Published May 14, 2024

Last updated 5 months ago

Overview

Description: A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
Source: security@mozilla.org
NVD status: Awaiting Analysis

Hype score: Not currently trending

Awesome! CVE-2024-4367 &#8211; Arbitrary JavaScript execution in PDF.js https://t.co/DTu8aNRGDU
@r00tth3w0r1d
Oct 28, 2024 10:46 AM
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

References