Описание
In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability affects Firefox < 139 and Thunderbird < 139.
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: In certain cases, SNI could be sent unencrypted, even when encrypted DNS is enabled.
Отчет
Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | firefox | Not affected | ||
| Red Hat Enterprise Linux 10 | rhel10/firefox-flatpak | Not affected | ||
| Red Hat Enterprise Linux 6 | firefox | Out of support scope | ||
| Red Hat Enterprise Linux 7 | firefox | Not affected | ||
| Red Hat Enterprise Linux 8 | firefox | Not affected | ||
| Red Hat Enterprise Linux 9 | firefox | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
3.4 Low
CVSS3
Связанные уязвимости
In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability affects Firefox < 139 and Thunderbird < 139.
In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability affects Firefox < 139 and Thunderbird < 139.
In certain cases, SNI could have been sent unencrypted even when encry ...
In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability affects Firefox < 139.
Уязвимость браузера Mozilla Firefox и почтового клиента Thunderbird, связанная с передачей конфиденциальной информации открытым текстом, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS
3.4 Low
CVSS3