Описание
Firefox behaved slightly differently for already known resources when loading CSS resources involving CSS variables. This could have been used to probe the browser history. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| firefox | fixed | 100.0-1 | package | |
| firefox-esr | fixed | 91.9.0esr-1 | package | |
| thunderbird | fixed | 1:91.9.0-1 | package |
Примечания
https://www.mozilla.org/en-US/security/advisories/mfsa2022-16/#CVE-2022-29916
https://www.mozilla.org/en-US/security/advisories/mfsa2022-17/#CVE-2022-29916
https://www.mozilla.org/en-US/security/advisories/mfsa2022-18/#CVE-2022-29916
EPSS
Связанные уязвимости
Firefox behaved slightly differently for already known resources when loading CSS resources involving CSS variables. This could have been used to probe the browser history. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.
Firefox behaved slightly differently for already known resources when loading CSS resources involving CSS variables. This could have been used to probe the browser history. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.
Firefox behaved slightly differently for already known resources when loading CSS resources involving CSS variables. This could have been used to probe the browser history. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.
Firefox behaved slightly differently for already known resources when loading CSS resources involving CSS variables. This could have been used to probe the browser history. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.
Уязвимость веб-браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с недостаточной защитой служебных данных, позволяющая нарушителю получить доступ к защищаемой информации или оказать другое воздействие
EPSS