Описание
Android apps can load web pages using the Custom Tabs feature. This feature supports a transition animation that could have been used to trick a user into granting sensitive permissions by hiding what the user was actually clicking. This vulnerability affects Firefox < 136.
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Android apps can load web pages using the Custom Tabs feature. This feature supports a transition animation that could be used to trick a user into granting sensitive permissions by hiding what the user is actually clicking.
Отчет
Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory. This CVE is specific to Firefox for Android.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | firefox | Fix deferred | ||
| Red Hat Enterprise Linux 10 | firefox-flatpak-container | Fix deferred | ||
| Red Hat Enterprise Linux 6 | firefox | Fix deferred | ||
| Red Hat Enterprise Linux 7 | firefox | Fix deferred | ||
| Red Hat Enterprise Linux 8 | firefox | Fix deferred | ||
| Red Hat Enterprise Linux 9 | firefox | Fix deferred | ||
| Red Hat Enterprise Linux 9 | firefox-flatpak-container | Fix deferred |
Показывать по
Дополнительная информация
Статус:
EPSS
7.1 High
CVSS3
Связанные уязвимости
Android apps can load web pages using the Custom Tabs feature. This feature supports a transition animation that could have been used to trick a user into granting sensitive permissions by hiding what the user was actually clicking. This vulnerability affects Firefox < 136.
Android apps can load web pages using the Custom Tabs feature. This feature supports a transition animation that could have been used to trick a user into granting sensitive permissions by hiding what the user was actually clicking. This vulnerability affects Firefox < 136.
Android apps can load web pages using the Custom Tabs feature. This fe ...
Android apps can load web pages using the Custom Tabs feature. This feature supports a transition animation that could have been used to trick a user into granting sensitive permissions by hiding what the user was actually clicking. This vulnerability affects Firefox < 136.
EPSS
7.1 High
CVSS3