Add a missing advisory to Firefox 129

mozilla · Sep 17, 2024 · 97beafb · 97beafb
1 parent b8ceb78
commit 97beafb
Showing 1 changed file with 10 additions and 0 deletions.
diff --git a/announce/2024/mfsa2024-33.yml b/announce/2024/mfsa2024-33.yml
@@ -4,6 +4,8 @@ impact: high
 fixed_in:
 - Firefox 129
 title: Security Vulnerabilities fixed in Firefox 129
+description: |
+  <em>Updated Sept 17, 2024 to add CVE-2024-8900 which was inadvertently omitted in the original advisory.</em>
 advisories:
   CVE-2024-7518:
     title: Fullscreen notification dialog can be obscured by document content
@@ -93,6 +95,14 @@ advisories:
       Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free.
     bugs:
       - url: 1895951
+  CVE-2024-8900:
+    title: Clipboard write permission bypass
+    impact: moderate
+    reporter: Om Apip
+    description: |
+      An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events.
+    bugs:
+      - url: 1872841
   CVE-2024-7529:
     title: Document content could partially obscure security prompts
     impact: moderate