Описание
When constructing a permission prompt for WebRTC, a URI was supplied from the content process. This URI was untrusted, and could have been the URI of an origin that was previously granted permission; bypassing the prompt. This vulnerability affects Firefox < 78.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | firefox | Out of support scope | ||
| Red Hat Enterprise Linux 6 | firefox | Will not fix | ||
| Red Hat Enterprise Linux 7 | firefox | Fixed | RHSA-2020:4080 | 30.09.2020 |
| Red Hat Enterprise Linux 8 | firefox | Fixed | RHSA-2020:3557 | 26.08.2020 |
| Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions | firefox | Fixed | RHSA-2020:3555 | 26.08.2020 |
| Red Hat Enterprise Linux 8.1 Extended Update Support | firefox | Fixed | RHSA-2020:3559 | 26.08.2020 |
Показывать по
Дополнительная информация
Статус:
EPSS
6.5 Medium
CVSS3
Связанные уязвимости
When constructing a permission prompt for WebRTC, a URI was supplied from the content process. This URI was untrusted, and could have been the URI of an origin that was previously granted permission; bypassing the prompt. This vulnerability affects Firefox < 78.
When constructing a permission prompt for WebRTC, a URI was supplied from the content process. This URI was untrusted, and could have been the URI of an origin that was previously granted permission; bypassing the prompt. This vulnerability affects Firefox < 78.
When constructing a permission prompt for WebRTC, a URI was supplied f ...
When constructing a permission prompt for WebRTC, a URI was supplied from the content process. This URI was untrusted, and could have been the URI of an origin that was previously granted permission; bypassing the prompt. This vulnerability affects Firefox < 78.
Уязвимость браузера Mozilla Firefox и почтового клиента Thunderbird, связанная с неправильными настройками прав доступа по умолчанию, позволяющая нарушителю обойти существующие ограничения безопасности
EPSS
6.5 Medium
CVSS3