Описание
If a wildcard ('*') is specified for the host in Content Security Policy (CSP) directives, any port or path restriction of the directive will be ignored, leading to CSP directives not being properly applied to content. This vulnerability affects Firefox < 69.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | firefox | Out of support scope | ||
| Red Hat Enterprise Linux 6 | firefox | Will not fix | ||
| Red Hat Enterprise Linux 7 | firefox | Will not fix | ||
| Red Hat Enterprise Linux 8 | firefox | Will not fix |
Показывать по
Дополнительная информация
Статус:
EPSS
5.3 Medium
CVSS3
Связанные уязвимости
If a wildcard ('*') is specified for the host in Content Security Policy (CSP) directives, any port or path restriction of the directive will be ignored, leading to CSP directives not being properly applied to content. This vulnerability affects Firefox < 69.
If a wildcard ('*') is specified for the host in Content Security Policy (CSP) directives, any port or path restriction of the directive will be ignored, leading to CSP directives not being properly applied to content. This vulnerability affects Firefox < 69.
If a wildcard ('*') is specified for the host in Content Security Poli ...
If a wildcard ('*') is specified for the host in Content Security Policy (CSP) directives, any port or path restriction of the directive will be ignored, leading to CSP directives not being properly applied to content. This vulnerability affects Firefox < 69.
Уязвимость браузера Firefox, связанная с недостаточной проверкой подлинности данных, позволяющая нарушителю нарушить целостность данных
EPSS
5.3 Medium
CVSS3