Описание
By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox < 79, Firefox ESR < 68.11, Firefox ESR < 78.1, Thunderbird < 68.11, and Thunderbird < 78.1.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | firefox | Out of support scope | ||
| Red Hat Enterprise Linux 5 | thunderbird | Out of support scope | ||
| Red Hat Enterprise Linux 6 | firefox | Fixed | RHSA-2020:3233 | 29.07.2020 |
| Red Hat Enterprise Linux 6 | thunderbird | Fixed | RHSA-2020:3345 | 06.08.2020 |
| Red Hat Enterprise Linux 7 | firefox | Fixed | RHSA-2020:3253 | 30.07.2020 |
| Red Hat Enterprise Linux 7 | thunderbird | Fixed | RHSA-2020:3344 | 06.08.2020 |
| Red Hat Enterprise Linux 8 | firefox | Fixed | RHSA-2020:3241 | 30.07.2020 |
| Red Hat Enterprise Linux 8 | thunderbird | Fixed | RHSA-2020:3341 | 06.08.2020 |
| Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions | firefox | Fixed | RHSA-2020:3229 | 29.07.2020 |
| Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions | thunderbird | Fixed | RHSA-2020:3343 | 06.08.2020 |
Показывать по
Дополнительная информация
Статус:
EPSS
6.5 Medium
CVSS3
Связанные уязвимости
By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox < 79, Firefox ESR < 68.11, Firefox ESR < 78.1, Thunderbird < 68.11, and Thunderbird < 78.1.
By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox < 79, Firefox ESR < 68.11, Firefox ESR < 78.1, Thunderbird < 68.11, and Thunderbird < 78.1.
By observing the stack trace for JavaScript errors in web workers, it ...
By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox < 79, Firefox ESR < 68.11, Firefox ESR < 78.1, Thunderbird < 68.11, and Thunderbird < 78.1.
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR и почтового клиента Thunderbird, связанная с утечкой информации в сообщениях об ошибках, позволяющая нарушителю раскрыть защищаемую информацию
EPSS
6.5 Medium
CVSS3