Уязвимость утечки чувствительной информации из push-уведомлений в приватном режиме Firefox и Thunderbird
Описание
Push-уведомления, сохраненные на диск в режиме приватного просмотра, не шифровались, что могло привести к утечке конфиденциальной информации.
Затронутые версии ПО
- Firefox < 117
- Firefox ESR < 115.2
- Thunderbird < 115.2
Тип уязвимости
- Нарушение конфиденциальности
- Утечка информации
Ссылки
- Issue TrackingPermissions Required
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Issue TrackingPermissions Required
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Одно из
EPSS
6.5 Medium
CVSS3
Дефекты
Связанные уязвимости
Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.
Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.
Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.
Push notifications stored on disk in private browsing mode were not be ...
Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.
EPSS
6.5 Medium
CVSS3