Oval Definition:oval:org.opensuse.security:def:20177788
Revision Date:2022-06-30Version:1
Title:CVE-2017-7788
Description:

When an "iframe" has a "sandbox" attribute and its content is specified using "srcdoc", that content does not inherit the containing page's Content Security Policy (CSP) as it should unless the sandbox attribute included "allow-same-origin". This vulnerability affects Firefox < 55.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2017-7788
Mitre CVE-2017-7788
SUSE CVE-2017-7788
Platform(s):openSUSE Leap 15.0
openSUSE Tumbleweed
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • MozillaFirefox-60.0-lp150.2 is installed
  • AND MozillaFirefox is signed with openSUSE key
  • OR
  • MozillaFirefox-translations-common-60.0-lp150.2 is installed
  • AND MozillaFirefox-translations-common is signed with openSUSE key
  • OR
  • MozillaFirefox-translations-other-60.0-lp150.2 is installed
  • AND MozillaFirefox-translations-other is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • MozillaFirefox-92.0-1.2 is installed
  • OR MozillaFirefox-branding-upstream-92.0-1.2 is installed
  • OR MozillaFirefox-devel-92.0-1.2 is installed
  • OR MozillaFirefox-translations-common-92.0-1.2 is installed
  • OR MozillaFirefox-translations-other-92.0-1.2 is installed
    • BACK