Описание
Mixed content blocking of insecure (HTTP) sub-resources in a secure (HTTPS) document was not correctly applied for resources that redirect from HTTPS to HTTP, allowing content that should be blocked, such as scripts, to be loaded on a page. This vulnerability affects Firefox < 57.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 57.0+build4-0ubuntu0.17.10.5 |
| bionic | released | 57.0.1+build2-0ubuntu1 |
| devel | released | 57.0.1+build2-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [57.0+build4-0ubuntu0.14.04.4]] |
| precise/esm | DNE | |
| trusty | released | 57.0+build4-0ubuntu0.14.04.4 |
| trusty/esm | DNE | trusty was released [57.0+build4-0ubuntu0.14.04.4] |
| upstream | released | 57.0 |
| xenial | released | 57.0+build4-0ubuntu0.16.04.5 |
| zesty | released | 57.0+build4-0ubuntu0.17.04.5 |
Показывать по
EPSS
7.5 High
CVSS2
7.3 High
CVSS3
Связанные уязвимости
Mixed content blocking of insecure (HTTP) sub-resources in a secure (HTTPS) document was not correctly applied for resources that redirect from HTTPS to HTTP, allowing content that should be blocked, such as scripts, to be loaded on a page. This vulnerability affects Firefox < 57.
Mixed content blocking of insecure (HTTP) sub-resources in a secure (H ...
Mixed content blocking of insecure (HTTP) sub-resources in a secure (HTTPS) document was not correctly applied for resources that redirect from HTTPS to HTTP, allowing content that should be blocked, such as scripts, to be loaded on a page. This vulnerability affects Firefox < 57.
Уязвимость браузера Mozilla Firefox, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю проводить межсайтовые сценарные атаки
EPSS
7.5 High
CVSS2
7.3 High
CVSS3