Описание
A missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
The Mozilla Foundation Security Advisory describes this flaw as:
A missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions.
Отчет
Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | firefox | Out of support scope | ||
| Red Hat Enterprise Linux 6 | thunderbird | Out of support scope | ||
| Red Hat Enterprise Linux 7 | firefox | Fixed | RHSA-2023:3137 | 16.05.2023 |
| Red Hat Enterprise Linux 7 | thunderbird | Fixed | RHSA-2023:3151 | 16.05.2023 |
| Red Hat Enterprise Linux 8 | firefox | Fixed | RHSA-2023:3220 | 18.05.2023 |
| Red Hat Enterprise Linux 8 | thunderbird | Fixed | RHSA-2023:3221 | 18.05.2023 |
| Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions | firefox | Fixed | RHSA-2023:3138 | 16.05.2023 |
| Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions | thunderbird | Fixed | RHSA-2023:3152 | 16.05.2023 |
| Red Hat Enterprise Linux 8.2 Advanced Update Support | firefox | Fixed | RHSA-2023:3139 | 16.05.2023 |
| Red Hat Enterprise Linux 8.2 Advanced Update Support | thunderbird | Fixed | RHSA-2023:3153 | 16.05.2023 |
Показывать по
Дополнительная информация
Статус:
8.8 High
CVSS3
Связанные уязвимости
A missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
A missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
A missing delay in popup notifications could have made it possible for ...
A missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
Уязвимость браузеров Firefox и Firefox ESR, существующая из-за отсутствия задержки всплывающих уведомлений, позволяющая нарушителю получить несанкционированный доступ к определенным функциям браузера
8.8 High
CVSS3