CVE-2021-38510

Опубликовано: 02 нояб. 2021

Источник: redhat

CVSS3: 6.1

EPSS Низкий

Описание

The executable file warning was not presented when downloading .inetloc files, which, due to a flaw in Mac OS, can run commands on a user's computer.Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	firefox	Out of support scope
Red Hat Enterprise Linux 6	thunderbird	Not affected
Red Hat Enterprise Linux 7	firefox	Not affected
Red Hat Enterprise Linux 7	thunderbird	Not affected
Red Hat Enterprise Linux 8	firefox	Not affected
Red Hat Enterprise Linux 8	thunderbird	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-77

https://bugzilla.redhat.com/show_bug.cgi?id=2019629Mozilla: Download Protections were bypassed by .inetloc files on Mac OS

EPSS

Процентиль: 64%

0.0047

Низкий

6.1 Medium

CVSS3

Связанные уязвимости

CVE-2021-38510

CVSS3: 8.8

ubuntu

около 4 лет назад

The executable file warning was not presented when downloading .inetloc files, which, due to a flaw in Mac OS, can run commands on a user's computer.*Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.

CVE-2021-38510

CVSS3: 8.8

nvd

около 4 лет назад

CVE-2021-38510

CVSS3: 8.8

debian

около 4 лет назад

The executable file warning was not presented when downloading .inetlo ...

GHSA-h8g4-jwjc-gf58

CVSS3: 8.8

github

около 4 лет назад

BDU:2024-02637

CVSS3: 8.8

fstec

больше 4 лет назад

Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird для операционных систем Mac OS, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 64%

0.0047

Низкий

6.1 Medium

CVSS3