Описание
A malicious installed WebExtension could open arbitrary URLs, which under the right circumstance could be leveraged to collect sensitive user data. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| firefox | fixed | 119.0-1 | package | |
| firefox-esr | fixed | 115.4.0esr-1 | package | |
| thunderbird | fixed | 1:115.4.1-1 | package |
Примечания
https://www.mozilla.org/en-US/security/advisories/mfsa2023-45/#CVE-2023-5725
https://www.mozilla.org/en-US/security/advisories/mfsa2023-46/#CVE-2023-5725
https://www.mozilla.org/en-US/security/advisories/mfsa2023-47/#CVE-2023-5725
EPSS
Связанные уязвимости
A malicious installed WebExtension could open arbitrary URLs, which under the right circumstance could be leveraged to collect sensitive user data. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
A malicious installed WebExtension could open arbitrary URLs, which under the right circumstance could be leveraged to collect sensitive user data. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
A malicious installed WebExtension could open arbitrary URLs, which under the right circumstance could be leveraged to collect sensitive user data. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
A malicious installed WebExtension could open arbitrary URLs, which under the right circumstance could be leveraged to collect sensitive user data. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
Уязвимость браузеров Firefox и Firefox ESR и почтового клиента Thunderbird, связанная с недостатками разграничения доступа, позволяющая нарушителю перенаправить пользователя на произвольный URL-адрес
EPSS