Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2021-AVI-142
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Aruba. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
Vendor | Product | Description | ||
---|---|---|---|---|
N/A | N/A | Aruba Mobility Controllers (ainsi que les points d'accès s'ils sont gérés par Mobility Controllers), Aruba SD-WAN Gateways et Aruba Instant Access Points. Aruba indique qu'ils considèrent que les vulnérabilités CVE-2020-25684, CVE-2020-25685 et CVE-2020-25686 sont de faible criticité et qu'ils migreront dnsmasq au moins vers la version 2.8.3 à une date ultérieure. | ||
HPE Aruba Networking | AirWave Management Platform | AirWave Management Platform versions antérieures à 8.2.12.0 |
References
Title | Publication Time | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "$ref": "https://www.cert.ssi.gouv.fr/openapi.json", "affected_systems": [ { "description": "Aruba Mobility Controllers (ainsi que les points d\u0027acc\u00e8s s\u0027ils sont g\u00e9r\u00e9s par Mobility Controllers), Aruba SD-WAN Gateways et Aruba Instant Access Points. Aruba indique qu\u0027ils consid\u00e8rent que les vuln\u00e9rabilit\u00e9s CVE-2020-25684, CVE-2020-25685 et CVE-2020-25686 sont de faible criticit\u00e9 et qu\u0027ils migreront dnsmasq au moins vers la version 2.8.3 \u00e0 une date ult\u00e9rieure.", "product": { "name": "N/A", "vendor": { "name": "N/A", "scada": false } } }, { "description": "AirWave Management Platform versions ant\u00e9rieures \u00e0 8.2.12.0", "product": { "name": "AirWave Management Platform", "vendor": { "name": "HPE Aruba Networking", "scada": false } } } ], "affected_systems_content": null, "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n", "cves": [ { "name": "CVE-2021-29964", "url": "https://www.cve.org/CVERecord?id=CVE-2021-29964" }, { "name": "CVE-2021-29966", "url": "https://www.cve.org/CVERecord?id=CVE-2021-29966" }, { "name": "CVE-2020-25685", "url": "https://www.cve.org/CVERecord?id=CVE-2020-25685" }, { "name": "CVE-2020-25684", "url": "https://www.cve.org/CVERecord?id=CVE-2020-25684" }, { "name": "CVE-2021-29962", "url": "https://www.cve.org/CVERecord?id=CVE-2021-29962" }, { "name": "CVE-2021-29971", "url": "https://www.cve.org/CVERecord?id=CVE-2021-29971" }, { "name": "CVE-2021-29963", "url": "https://www.cve.org/CVERecord?id=CVE-2021-29963" }, { "name": "CVE-2020-25686", "url": "https://www.cve.org/CVERecord?id=CVE-2020-25686" }, { "name": "CVE-2021-29970", "url": "https://www.cve.org/CVERecord?id=CVE-2021-29970" }, { "name": "CVE-2021-29968", "url": "https://www.cve.org/CVERecord?id=CVE-2021-29968" }, { "name": "CVE-2021-29960", "url": "https://www.cve.org/CVERecord?id=CVE-2021-29960" }, { "name": "CVE-2021-29967", "url": "https://www.cve.org/CVERecord?id=CVE-2021-29967" }, { "name": "CVE-2021-29969", "url": "https://www.cve.org/CVERecord?id=CVE-2021-29969" }, { "name": "CVE-2021-29965", "url": "https://www.cve.org/CVERecord?id=CVE-2021-29965" }, { "name": "CVE-2021-29961", "url": "https://www.cve.org/CVERecord?id=CVE-2021-29961" } ], "initial_release_date": "2021-02-24T00:00:00", "last_revision_date": "2021-02-24T00:00:00", "links": [], "reference": "CERTFR-2021-AVI-142", "revisions": [ { "description": "Version initiale", "revision_date": "2021-02-24T00:00:00.000000" } ], "risks": [ { "description": "D\u00e9ni de service \u00e0 distance" }, { "description": "Injection de code indirecte \u00e0 distance (XSS)" }, { "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)" }, { "description": "Ex\u00e9cution de code arbitraire \u00e0 distance" }, { "description": "Contournement de la politique de s\u00e9curit\u00e9" } ], "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Aruba.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n", "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Aruba", "vendor_advisories": [ { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Aruba ARUBA-PSA-2021-005 du 23 f\u00e9vrier 2021", "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-005.txt" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Aruba ARUBA-PSA-2021-006 du 23 f\u00e9vrier 2021", "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-006.txt" } ] }
CVE-2021-29966 (GCVE-0-2021-29966)
Vulnerability from cvelistv5
Published
2021-06-24 13:14
Modified
2024-08-03 22:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory safety bugs fixed in Firefox 89
Summary
Mozilla developers reported memory safety bugs present in Firefox 88. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 89.
References
URL | Tags | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T22:24:57.485Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-23/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1660307%2C1686154%2C1702948%2C1708124" }, { "name": "GLSA-202107-09", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202107-09" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "89", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Mozilla developers reported memory safety bugs present in Firefox 88. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 89." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory safety bugs fixed in Firefox 89", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-07T09:06:22", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-23/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1660307%2C1686154%2C1702948%2C1708124" }, { "name": "GLSA-202107-09", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202107-09" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@mozilla.org", "ID": "CVE-2021-29966", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Firefox", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "89" } ] } } ] }, "vendor_name": "Mozilla" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Mozilla developers reported memory safety bugs present in Firefox 88. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 89." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Memory safety bugs fixed in Firefox 89" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.mozilla.org/security/advisories/mfsa2021-23/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-23/" }, { "name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1660307%2C1686154%2C1702948%2C1708124", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1660307%2C1686154%2C1702948%2C1708124" }, { "name": "GLSA-202107-09", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202107-09" } ] } } } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2021-29966", "datePublished": "2021-06-24T13:14:41", "dateReserved": "2021-04-01T00:00:00", "dateUpdated": "2024-08-03T22:24:57.485Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-29969 (GCVE-0-2021-29969)
Vulnerability from cvelistv5
Published
2021-08-05 19:46
Modified
2024-08-03 22:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- IMAP server responses sent by a MITM prior to STARTTLS could be processed
Summary
If Thunderbird was configured to use STARTTLS for an IMAP connection, and an attacker injected IMAP server responses prior to the completion of the STARTTLS handshake, then Thunderbird didn't ignore the injected data. This could have resulted in Thunderbird showing incorrect information, for example the attacker could have tricked Thunderbird to show folders that didn't exist on the IMAP server. This vulnerability affects Thunderbird < 78.12.
References
URL | Tags | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Mozilla | Thunderbird |
Version: unspecified < 78.12 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T22:24:57.484Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-30/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1682370" }, { "name": "GLSA-202208-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-14" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "78.12", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "If Thunderbird was configured to use STARTTLS for an IMAP connection, and an attacker injected IMAP server responses prior to the completion of the STARTTLS handshake, then Thunderbird didn\u0027t ignore the injected data. This could have resulted in Thunderbird showing incorrect information, for example the attacker could have tricked Thunderbird to show folders that didn\u0027t exist on the IMAP server. This vulnerability affects Thunderbird \u003c 78.12." } ], "problemTypes": [ { "descriptions": [ { "description": "IMAP server responses sent by a MITM prior to STARTTLS could be processed", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-10T05:13:47", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-30/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1682370" }, { "name": "GLSA-202208-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202208-14" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@mozilla.org", "ID": "CVE-2021-29969", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Thunderbird", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "78.12" } ] } } ] }, "vendor_name": "Mozilla" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "If Thunderbird was configured to use STARTTLS for an IMAP connection, and an attacker injected IMAP server responses prior to the completion of the STARTTLS handshake, then Thunderbird didn\u0027t ignore the injected data. This could have resulted in Thunderbird showing incorrect information, for example the attacker could have tricked Thunderbird to show folders that didn\u0027t exist on the IMAP server. This vulnerability affects Thunderbird \u003c 78.12." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "IMAP server responses sent by a MITM prior to STARTTLS could be processed" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.mozilla.org/security/advisories/mfsa2021-30/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-30/" }, { "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1682370", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1682370" }, { "name": "GLSA-202208-14", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-14" } ] } } } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2021-29969", "datePublished": "2021-08-05T19:46:42", "dateReserved": "2021-04-01T00:00:00", "dateUpdated": "2024-08-03T22:24:57.484Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-25686 (GCVE-0-2020-25686)
Vulnerability from cvelistv5
Published
2021-01-20 16:47
Modified
2024-08-04 15:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the "Birthday Attacks" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.
References
URL | Tags | ||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T15:40:36.677Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.jsof-tech.com/disclosures/dnspooq/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890125" }, { "name": "FEDORA-2021-84440e87ba", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYW3IR6APUSKOYKL5FT3ACTIHWHGQY32/" }, { "name": "GLSA-202101-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202101-17" }, { "name": "DSA-4844", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2021/dsa-4844" }, { "name": "FEDORA-2021-2e4c3d5a9d", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QGB7HL3OWHTLEPSMLDGOMXQKG3KM2QME/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "dnsmasq", "vendor": "n/a", "versions": [ { "status": "affected", "version": "dnsmasq 2.83" } ] } ], "descriptions": [ { "lang": "en", "value": "A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-358", "description": "CWE-358", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-01-25T13:52:14", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.jsof-tech.com/disclosures/dnspooq/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890125" }, { "name": "FEDORA-2021-84440e87ba", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYW3IR6APUSKOYKL5FT3ACTIHWHGQY32/" }, { "name": "GLSA-202101-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202101-17" }, { "name": "DSA-4844", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2021/dsa-4844" }, { "name": "FEDORA-2021-2e4c3d5a9d", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QGB7HL3OWHTLEPSMLDGOMXQKG3KM2QME/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2020-25686", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "dnsmasq", "version": { "version_data": [ { "version_value": "dnsmasq 2.83" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the \"Birthday Attacks\" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-358" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.jsof-tech.com/disclosures/dnspooq/", "refsource": "MISC", "url": "https://www.jsof-tech.com/disclosures/dnspooq/" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890125" }, { "name": "FEDORA-2021-84440e87ba", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WYW3IR6APUSKOYKL5FT3ACTIHWHGQY32/" }, { "name": "GLSA-202101-17", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202101-17" }, { "name": "DSA-4844", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2021/dsa-4844" }, { "name": "FEDORA-2021-2e4c3d5a9d", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGB7HL3OWHTLEPSMLDGOMXQKG3KM2QME/" }, { "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61", "refsource": "MISC", "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2020-25686", "datePublished": "2021-01-20T16:47:17", "dateReserved": "2020-09-16T00:00:00", "dateUpdated": "2024-08-04T15:40:36.677Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-29965 (GCVE-0-2021-29965)
Vulnerability from cvelistv5
Published
2021-06-24 13:14
Modified
2024-08-03 22:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Password Manager on Firefox for Android susceptible to domain spoofing
Summary
A malicious website that causes an HTTP Authentication dialog to be spawned could trick the built-in password manager to suggest passwords for the currently active website instead of the website that triggered the dialog. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 89.
References
URL | Tags | |||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T22:24:57.499Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-23/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1709257" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "89", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A malicious website that causes an HTTP Authentication dialog to be spawned could trick the built-in password manager to suggest passwords for the currently active website instead of the website that triggered the dialog. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 89." } ], "problemTypes": [ { "descriptions": [ { "description": "Password Manager on Firefox for Android susceptible to domain spoofing", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-24T13:14:52", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-23/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1709257" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@mozilla.org", "ID": "CVE-2021-29965", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Firefox", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "89" } ] } } ] }, "vendor_name": "Mozilla" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A malicious website that causes an HTTP Authentication dialog to be spawned could trick the built-in password manager to suggest passwords for the currently active website instead of the website that triggered the dialog. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 89." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Password Manager on Firefox for Android susceptible to domain spoofing" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.mozilla.org/security/advisories/mfsa2021-23/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-23/" }, { "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1709257", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1709257" } ] } } } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2021-29965", "datePublished": "2021-06-24T13:14:52", "dateReserved": "2021-04-01T00:00:00", "dateUpdated": "2024-08-03T22:24:57.499Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-25684 (GCVE-0-2020-25684)
Vulnerability from cvelistv5
Published
2021-01-20 15:22
Modified
2024-08-04 15:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.
References
URL | Tags | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T15:40:36.670Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1889686" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.jsof-tech.com/disclosures/dnspooq/" }, { "name": "FEDORA-2021-84440e87ba", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYW3IR6APUSKOYKL5FT3ACTIHWHGQY32/" }, { "name": "GLSA-202101-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202101-17" }, { "name": "DSA-4844", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2021/dsa-4844" }, { "name": "FEDORA-2021-2e4c3d5a9d", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QGB7HL3OWHTLEPSMLDGOMXQKG3KM2QME/" }, { "name": "[debian-lts-announce] 20210322 [SECURITY] [DLA 2604-1] dnsmasq security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00027.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "dnsmasq", "vendor": "n/a", "versions": [ { "status": "affected", "version": "dnsmasq 2.83" } ] } ], "descriptions": [ { "lang": "en", "value": "A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query\u0027s attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-358", "description": "CWE-358", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-01-25T13:52:07", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1889686" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.jsof-tech.com/disclosures/dnspooq/" }, { "name": "FEDORA-2021-84440e87ba", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYW3IR6APUSKOYKL5FT3ACTIHWHGQY32/" }, { "name": "GLSA-202101-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202101-17" }, { "name": "DSA-4844", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2021/dsa-4844" }, { "name": "FEDORA-2021-2e4c3d5a9d", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QGB7HL3OWHTLEPSMLDGOMXQKG3KM2QME/" }, { "name": "[debian-lts-announce] 20210322 [SECURITY] [DLA 2604-1] dnsmasq security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00027.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2020-25684", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "dnsmasq", "version": { "version_data": [ { "version_value": "dnsmasq 2.83" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query\u0027s attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-358" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1889686" }, { "name": "https://www.jsof-tech.com/disclosures/dnspooq/", "refsource": "MISC", "url": "https://www.jsof-tech.com/disclosures/dnspooq/" }, { "name": "FEDORA-2021-84440e87ba", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WYW3IR6APUSKOYKL5FT3ACTIHWHGQY32/" }, { "name": "GLSA-202101-17", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202101-17" }, { "name": "DSA-4844", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2021/dsa-4844" }, { "name": "FEDORA-2021-2e4c3d5a9d", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGB7HL3OWHTLEPSMLDGOMXQKG3KM2QME/" }, { "name": "[debian-lts-announce] 20210322 [SECURITY] [DLA 2604-1] dnsmasq security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00027.html" }, { "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61", "refsource": "MISC", "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2020-25684", "datePublished": "2021-01-20T15:22:21", "dateReserved": "2020-09-16T00:00:00", "dateUpdated": "2024-08-04T15:40:36.670Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-29971 (GCVE-0-2021-29971)
Vulnerability from cvelistv5
Published
2021-08-05 19:46
Modified
2024-08-03 22:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Granted permissions only compared host; omitting scheme and port on Android
Summary
If a user had granted a permission to a webpage and saved that grant, any webpage running on the same host - irrespective of scheme or port - would be granted that permission. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 90.
References
URL | Tags | |||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T22:24:57.573Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-28/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1713638" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "90", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "If a user had granted a permission to a webpage and saved that grant, any webpage running on the same host - irrespective of scheme or port - would be granted that permission. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 90." } ], "problemTypes": [ { "descriptions": [ { "description": "Granted permissions only compared host; omitting scheme and port on Android", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-08-05T19:46:31", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-28/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1713638" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@mozilla.org", "ID": "CVE-2021-29971", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Firefox", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "90" } ] } } ] }, "vendor_name": "Mozilla" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "If a user had granted a permission to a webpage and saved that grant, any webpage running on the same host - irrespective of scheme or port - would be granted that permission. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 90." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Granted permissions only compared host; omitting scheme and port on Android" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.mozilla.org/security/advisories/mfsa2021-28/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-28/" }, { "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1713638", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1713638" } ] } } } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2021-29971", "datePublished": "2021-08-05T19:46:31", "dateReserved": "2021-04-01T00:00:00", "dateUpdated": "2024-08-03T22:24:57.573Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-29963 (GCVE-0-2021-29963)
Vulnerability from cvelistv5
Published
2021-06-24 13:15
Modified
2024-08-03 22:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Shared cookies for search suggestions in private browsing mode
Summary
Address bar search suggestions in private browsing mode were re-using session data from normal mode. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 89.
References
URL | Tags | |||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T22:18:03.476Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-23/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1705068" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "89", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Address bar search suggestions in private browsing mode were re-using session data from normal mode. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 89." } ], "problemTypes": [ { "descriptions": [ { "description": "Shared cookies for search suggestions in private browsing mode", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-24T13:15:44", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-23/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1705068" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@mozilla.org", "ID": "CVE-2021-29963", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Firefox", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "89" } ] } } ] }, "vendor_name": "Mozilla" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Address bar search suggestions in private browsing mode were re-using session data from normal mode. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 89." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Shared cookies for search suggestions in private browsing mode" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.mozilla.org/security/advisories/mfsa2021-23/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-23/" }, { "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1705068", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1705068" } ] } } } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2021-29963", "datePublished": "2021-06-24T13:15:44", "dateReserved": "2021-04-01T00:00:00", "dateUpdated": "2024-08-03T22:18:03.476Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-29964 (GCVE-0-2021-29964)
Vulnerability from cvelistv5
Published
2021-06-24 13:15
Modified
2024-08-03 22:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out of bounds-read when parsing a `WM_COPYDATA` message
Summary
A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process incorrectly, leading to an out-of-bounds read. *This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and Firefox ESR < 78.11.
References
URL | Tags | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Mozilla | Thunderbird |
Version: unspecified < 78.11 |
||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T22:24:57.523Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-26/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-24/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-23/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1706501" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "78.11", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "89", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "78.11", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process incorrectly, leading to an out-of-bounds read. *This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird \u003c 78.11, Firefox \u003c 89, and Firefox ESR \u003c 78.11." } ], "problemTypes": [ { "descriptions": [ { "description": "Out of bounds-read when parsing a `WM_COPYDATA` message", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-24T13:15:35", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-26/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-24/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-23/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1706501" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@mozilla.org", "ID": "CVE-2021-29964", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Thunderbird", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "78.11" } ] } }, { "product_name": "Firefox", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "89" } ] } }, { "product_name": "Firefox ESR", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "78.11" } ] } } ] }, "vendor_name": "Mozilla" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process incorrectly, leading to an out-of-bounds read. *This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird \u003c 78.11, Firefox \u003c 89, and Firefox ESR \u003c 78.11." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Out of bounds-read when parsing a `WM_COPYDATA` message" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.mozilla.org/security/advisories/mfsa2021-26/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-26/" }, { "name": "https://www.mozilla.org/security/advisories/mfsa2021-24/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-24/" }, { "name": "https://www.mozilla.org/security/advisories/mfsa2021-23/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-23/" }, { "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1706501", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1706501" } ] } } } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2021-29964", "datePublished": "2021-06-24T13:15:35", "dateReserved": "2021-04-01T00:00:00", "dateUpdated": "2024-08-03T22:24:57.523Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-29961 (GCVE-0-2021-29961)
Vulnerability from cvelistv5
Published
2021-06-24 13:15
Modified
2024-08-03 22:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Firefox UI spoof using `<select>` elements and CSS scaling
Summary
When styling and rendering an oversized `<select>` element, Firefox did not apply correct clipping which allowed an attacker to paint over the user interface. This vulnerability affects Firefox < 89.
References
URL | Tags | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T22:18:03.404Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-23/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1700235" }, { "name": "GLSA-202107-09", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202107-09" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "89", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "When styling and rendering an oversized `\u003cselect\u003e` element, Firefox did not apply correct clipping which allowed an attacker to paint over the user interface. This vulnerability affects Firefox \u003c 89." } ], "problemTypes": [ { "descriptions": [ { "description": "Firefox UI spoof using `\u003cselect\u003e` elements and CSS scaling", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-07T09:06:18", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-23/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1700235" }, { "name": "GLSA-202107-09", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202107-09" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@mozilla.org", "ID": "CVE-2021-29961", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Firefox", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "89" } ] } } ] }, "vendor_name": "Mozilla" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "When styling and rendering an oversized `\u003cselect\u003e` element, Firefox did not apply correct clipping which allowed an attacker to paint over the user interface. This vulnerability affects Firefox \u003c 89." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Firefox UI spoof using `\u003cselect\u003e` elements and CSS scaling" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.mozilla.org/security/advisories/mfsa2021-23/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-23/" }, { "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1700235", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1700235" }, { "name": "GLSA-202107-09", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202107-09" } ] } } } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2021-29961", "datePublished": "2021-06-24T13:15:55", "dateReserved": "2021-04-01T00:00:00", "dateUpdated": "2024-08-03T22:18:03.404Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-29960 (GCVE-0-2021-29960)
Vulnerability from cvelistv5
Published
2021-06-24 13:16
Modified
2024-08-03 22:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Filenames printed from private browsing mode incorrectly retained in preferences
Summary
Firefox used to cache the last filename used for printing a file. When generating a filename for printing, Firefox usually suggests the web page title. The caching and suggestion techniques combined may have lead to the title of a website visited during private browsing mode being stored on disk. This vulnerability affects Firefox < 89.
References
URL | Tags | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T22:18:03.309Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-23/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1675965" }, { "name": "GLSA-202107-09", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202107-09" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "89", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Firefox used to cache the last filename used for printing a file. When generating a filename for printing, Firefox usually suggests the web page title. The caching and suggestion techniques combined may have lead to the title of a website visited during private browsing mode being stored on disk. This vulnerability affects Firefox \u003c 89." } ], "problemTypes": [ { "descriptions": [ { "description": "Filenames printed from private browsing mode incorrectly retained in preferences", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-07T09:06:20", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-23/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1675965" }, { "name": "GLSA-202107-09", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202107-09" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@mozilla.org", "ID": "CVE-2021-29960", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Firefox", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "89" } ] } } ] }, "vendor_name": "Mozilla" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Firefox used to cache the last filename used for printing a file. When generating a filename for printing, Firefox usually suggests the web page title. The caching and suggestion techniques combined may have lead to the title of a website visited during private browsing mode being stored on disk. This vulnerability affects Firefox \u003c 89." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Filenames printed from private browsing mode incorrectly retained in preferences" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.mozilla.org/security/advisories/mfsa2021-23/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-23/" }, { "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1675965", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1675965" }, { "name": "GLSA-202107-09", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202107-09" } ] } } } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2021-29960", "datePublished": "2021-06-24T13:16:36", "dateReserved": "2021-04-01T00:00:00", "dateUpdated": "2024-08-03T22:18:03.309Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-25685 (GCVE-0-2020-25685)
Vulnerability from cvelistv5
Published
2021-01-20 00:00
Modified
2024-08-04 15:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T15:40:36.614Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.jsof-tech.com/disclosures/dnspooq/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1889688" }, { "name": "FEDORA-2021-84440e87ba", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYW3IR6APUSKOYKL5FT3ACTIHWHGQY32/" }, { "name": "GLSA-202101-17", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202101-17" }, { "name": "DSA-4844", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2021/dsa-4844" }, { "name": "FEDORA-2021-2e4c3d5a9d", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QGB7HL3OWHTLEPSMLDGOMXQKG3KM2QME/" }, { "tags": [ "x_transferred" ], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "dnsmasq", "vendor": "n/a", "versions": [ { "status": "affected", "version": "dnsmasq 2.83" } ] } ], "descriptions": [ { "lang": "en", "value": "A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-326", "description": "CWE-326", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-07T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://www.jsof-tech.com/disclosures/dnspooq/" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1889688" }, { "name": "FEDORA-2021-84440e87ba", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYW3IR6APUSKOYKL5FT3ACTIHWHGQY32/" }, { "name": "GLSA-202101-17", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202101-17" }, { "name": "DSA-4844", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2021/dsa-4844" }, { "name": "FEDORA-2021-2e4c3d5a9d", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QGB7HL3OWHTLEPSMLDGOMXQKG3KM2QME/" }, { "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12135-security-advisory-61" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2020-25685", "datePublished": "2021-01-20T00:00:00", "dateReserved": "2020-09-16T00:00:00", "dateUpdated": "2024-08-04T15:40:36.614Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-29967 (GCVE-0-2021-29967)
Vulnerability from cvelistv5
Published
2021-06-24 13:14
Modified
2024-08-03 22:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11
Summary
Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and Firefox ESR < 78.11.
References
URL | Tags | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Mozilla | Thunderbird |
Version: unspecified < 78.11 |
||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T22:24:57.588Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-26/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-24/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-23/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1602862%2C1703191%2C1703760%2C1704722%2C1706041" }, { "name": "GLSA-202208-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-14" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "78.11", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "89", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "78.11", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 78.11, Firefox \u003c 89, and Firefox ESR \u003c 78.11." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-10T05:11:31", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-26/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-24/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-23/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1602862%2C1703191%2C1703760%2C1704722%2C1706041" }, { "name": "GLSA-202208-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202208-14" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@mozilla.org", "ID": "CVE-2021-29967", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Thunderbird", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "78.11" } ] } }, { "product_name": "Firefox", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "89" } ] } }, { "product_name": "Firefox ESR", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "78.11" } ] } } ] }, "vendor_name": "Mozilla" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 78.11, Firefox \u003c 89, and Firefox ESR \u003c 78.11." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.mozilla.org/security/advisories/mfsa2021-26/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-26/" }, { "name": "https://www.mozilla.org/security/advisories/mfsa2021-24/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-24/" }, { "name": "https://www.mozilla.org/security/advisories/mfsa2021-23/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-23/" }, { "name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1602862%2C1703191%2C1703760%2C1704722%2C1706041", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1602862%2C1703191%2C1703760%2C1704722%2C1706041" }, { "name": "GLSA-202208-14", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-14" } ] } } } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2021-29967", "datePublished": "2021-06-24T13:14:29", "dateReserved": "2021-04-01T00:00:00", "dateUpdated": "2024-08-03T22:24:57.588Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-29962 (GCVE-0-2021-29962)
Vulnerability from cvelistv5
Published
2021-06-24 13:15
Modified
2024-08-03 22:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- No rate-limiting for popups on Firefox for Android
Summary
Firefox for Android would become unstable and hard-to-recover when a website opened too many popups. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 89.
References
URL | Tags | |||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T22:18:03.303Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-23/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1701673" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "89", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Firefox for Android would become unstable and hard-to-recover when a website opened too many popups. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 89." } ], "problemTypes": [ { "descriptions": [ { "description": "No rate-limiting for popups on Firefox for Android", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-24T13:15:49", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-23/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1701673" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@mozilla.org", "ID": "CVE-2021-29962", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Firefox", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "89" } ] } } ] }, "vendor_name": "Mozilla" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Firefox for Android would become unstable and hard-to-recover when a website opened too many popups. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 89." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "No rate-limiting for popups on Firefox for Android" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.mozilla.org/security/advisories/mfsa2021-23/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-23/" }, { "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1701673", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1701673" } ] } } } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2021-29962", "datePublished": "2021-06-24T13:15:49", "dateReserved": "2021-04-01T00:00:00", "dateUpdated": "2024-08-03T22:18:03.303Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-29970 (GCVE-0-2021-29970)
Vulnerability from cvelistv5
Published
2021-08-05 19:46
Modified
2024-08-03 22:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use-after-free in accessibility features of a document
Summary
A malicious webpage could have triggered a use-after-free, memory corruption, and a potentially exploitable crash. *This bug could only be triggered when accessibility was enabled.*. This vulnerability affects Thunderbird < 78.12, Firefox ESR < 78.12, and Firefox < 90.
References
URL | Tags | |||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Mozilla | Thunderbird |
Version: unspecified < 78.12 |
||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T22:24:57.593Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-28/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-30/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-29/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1709976" }, { "name": "GLSA-202202-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202202-03" }, { "name": "GLSA-202208-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-14" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "78.12", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "78.12", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "90", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A malicious webpage could have triggered a use-after-free, memory corruption, and a potentially exploitable crash. *This bug could only be triggered when accessibility was enabled.*. This vulnerability affects Thunderbird \u003c 78.12, Firefox ESR \u003c 78.12, and Firefox \u003c 90." } ], "problemTypes": [ { "descriptions": [ { "description": "Use-after-free in accessibility features of a document", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-10T05:11:45", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-28/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-30/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-29/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1709976" }, { "name": "GLSA-202202-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202202-03" }, { "name": "GLSA-202208-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202208-14" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@mozilla.org", "ID": "CVE-2021-29970", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Thunderbird", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "78.12" } ] } }, { "product_name": "Firefox ESR", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "78.12" } ] } }, { "product_name": "Firefox", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "90" } ] } } ] }, "vendor_name": "Mozilla" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A malicious webpage could have triggered a use-after-free, memory corruption, and a potentially exploitable crash. *This bug could only be triggered when accessibility was enabled.*. This vulnerability affects Thunderbird \u003c 78.12, Firefox ESR \u003c 78.12, and Firefox \u003c 90." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Use-after-free in accessibility features of a document" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.mozilla.org/security/advisories/mfsa2021-28/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-28/" }, { "name": "https://www.mozilla.org/security/advisories/mfsa2021-30/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-30/" }, { "name": "https://www.mozilla.org/security/advisories/mfsa2021-29/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-29/" }, { "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1709976", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1709976" }, { "name": "GLSA-202202-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202202-03" }, { "name": "GLSA-202208-14", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-14" } ] } } } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2021-29970", "datePublished": "2021-08-05T19:46:37", "dateReserved": "2021-04-01T00:00:00", "dateUpdated": "2024-08-03T22:24:57.593Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-29968 (GCVE-0-2021-29968)
Vulnerability from cvelistv5
Published
2021-06-24 13:14
Modified
2024-08-03 22:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out of bounds read when drawing text characters onto a Canvas
Summary
When drawing text onto a canvas with WebRender disabled, an out of bounds read could occur. *This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 89.0.1.
References
URL | Tags | |||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T22:24:57.578Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-27/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1712047" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "89.0.1", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "When drawing text onto a canvas with WebRender disabled, an out of bounds read could occur. *This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 89.0.1." } ], "problemTypes": [ { "descriptions": [ { "description": "Out of bounds read when drawing text characters onto a Canvas", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-24T13:14:22", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.mozilla.org/security/advisories/mfsa2021-27/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1712047" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@mozilla.org", "ID": "CVE-2021-29968", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Firefox", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "89.0.1" } ] } } ] }, "vendor_name": "Mozilla" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "When drawing text onto a canvas with WebRender disabled, an out of bounds read could occur. *This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 89.0.1." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Out of bounds read when drawing text characters onto a Canvas" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.mozilla.org/security/advisories/mfsa2021-27/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-27/" }, { "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1712047", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1712047" } ] } } } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2021-29968", "datePublished": "2021-06-24T13:14:22", "dateReserved": "2021-04-01T00:00:00", "dateUpdated": "2024-08-03T22:24:57.578Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…