Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2021-23968

Опубликовано: 26 фев. 2021
Источник: debian

Описание

If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation report; as opposed to the original frame URI. This could be used to leak sensitive information contained in such URIs. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
firefoxfixed86.0-1package
firefox-esrfixed78.8.0esr-1package
thunderbirdfixed1:78.8.0-1package

Примечания

  • https://www.mozilla.org/en-US/security/advisories/mfsa2021-07/#CVE-2021-23968

  • https://www.mozilla.org/en-US/security/advisories/mfsa2021-08/#CVE-2021-23968

  • https://www.mozilla.org/en-US/security/advisories/mfsa2021-09/#CVE-2021-23968

Связанные уязвимости

ubuntu логотип

CVE-2021-23968

CVSS3: 4.3
ubuntu
почти 5 лет назад

If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation report; as opposed to the original frame URI. This could be used to leak sensitive information contained in such URIs. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8.

redhat логотип

CVE-2021-23968

CVSS3: 4.3
redhat
почти 5 лет назад

If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation report; as opposed to the original frame URI. This could be used to leak sensitive information contained in such URIs. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8.

nvd логотип

CVE-2021-23968

CVSS3: 4.3
nvd
почти 5 лет назад

If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation report; as opposed to the original frame URI. This could be used to leak sensitive information contained in such URIs. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8.

github логотип

GHSA-94jc-v9rf-w32j

CVSS3: 4.3
github
больше 3 лет назад

If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation report; as opposed to the original frame URI. This could be used to leak sensitive information contained in such URIs. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8.

suse-cvrf логотип

openSUSE-SU-2021:0387-1

suse-cvrf
почти 5 лет назад

Security update for MozillaThunderbird