Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2020-12412

Опубликовано: 09 июл. 2020
Источник: debian
EPSS Низкий

Описание

By navigating a tab using the history API, an attacker could cause the address bar to display the incorrect domain (with the https:// scheme, a blocked port number such as '1', and without a lock icon) while controlling the page contents. This vulnerability affects Firefox < 70.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
firefoxfixed70.0-1package

Примечания

  • https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2020-12412

EPSS

Процентиль: 51%
0.00284
Низкий

Связанные уязвимости

CVSS3: 4.3
ubuntu
около 5 лет назад

By navigating a tab using the history API, an attacker could cause the address bar to display the incorrect domain (with the https:// scheme, a blocked port number such as '1', and without a lock icon) while controlling the page contents. This vulnerability affects Firefox < 70.

CVSS3: 4.3
redhat
около 5 лет назад

By navigating a tab using the history API, an attacker could cause the address bar to display the incorrect domain (with the https:// scheme, a blocked port number such as '1', and without a lock icon) while controlling the page contents. This vulnerability affects Firefox < 70.

CVSS3: 4.3
nvd
около 5 лет назад

By navigating a tab using the history API, an attacker could cause the address bar to display the incorrect domain (with the https:// scheme, a blocked port number such as '1', and without a lock icon) while controlling the page contents. This vulnerability affects Firefox < 70.

github
около 3 лет назад

By navigating a tab using the history API, an attacker could cause the address bar to display the incorrect domain (with the https:// scheme, a blocked port number such as '1', and without a lock icon) while controlling the page contents. This vulnerability affects Firefox < 70.

EPSS

Процентиль: 51%
0.00284
Низкий