CVE-2024-4367 PDF.js vulnerability | No advisory from Mozilla?
CVE-2024-4367 has been announced several days now with MITRE and CIS. There is also an issue/advisory on the github repo for PDF.js which appears that the fix has been me… (czytaj dalej)
CVE-2024-4367 has been announced several days now with MITRE and CIS. There is also an issue/advisory on the github repo for PDF.js which appears that the fix has been merged into the master commit of PDF.js (https://github.com/advisories/GHSA-wgrm-67xf-hhpq).
The vulnerability is pretty serious and yet there is no Security Advisory from Mozilla on affected versions, etc. (https://www.mozilla.org/en-US/security/advisories/)
Is this normal and I am just being impatient?