Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2020-15653

Опубликовано: 10 авг. 2020
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.3
CVSS3: 6.5

Описание

An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configurations that allowed popups and hosted arbitrary content. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.

РелизСтатусПримечание
bionic

released

79.0+build1-0ubuntu0.18.04.1
devel

released

80.0.1+build1-0ubuntu1
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

released

79.0+build1-0ubuntu0.20.04.1
groovy

released

80.0.1+build1-0ubuntu1
hirsute

released

80.0.1+build1-0ubuntu1
impish

released

80.0.1+build1-0ubuntu1
jammy

released

80.0.1+build1-0ubuntu1
kinetic

released

80.0.1+build1-0ubuntu1

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

DNE

esm-apps/bionic

ignored

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

jammy

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

DNE

esm-apps/focal

ignored

esm-infra-legacy/trusty

DNE

esm-infra/bionic

ignored

focal

ignored

groovy

ignored

end of life
hirsute

DNE

impish

DNE

jammy

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

jammy

DNE

kinetic

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

ignored

focal

ignored

groovy

ignored

end of life
hirsute

DNE

impish

DNE

jammy

DNE

kinetic

DNE

Показывать по

РелизСтатусПримечание
bionic

released

1:78.8.1+build1-0ubuntu0.18.04.1
devel

not-affected

1:78.4.3+build1-0ubuntu1
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

released

1:78.7.1+build1-0ubuntu0.20.04.1
groovy

not-affected

1:78.3.2+build1-0ubuntu1
hirsute

not-affected

1:78.4.3+build1-0ubuntu1
impish

not-affected

1:78.4.3+build1-0ubuntu1
jammy

not-affected

1:78.4.3+build1-0ubuntu1
kinetic

not-affected

1:78.4.3+build1-0ubuntu1

Показывать по

Ссылки на источники

EPSS

Процентиль: 46%
0.00231
Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2020-15653

CVSS3: 6.1
redhat
около 5 лет назад

An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configurations that allowed popups and hosted arbitrary content. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.

nvd логотип

CVE-2020-15653

CVSS3: 6.5
nvd
около 5 лет назад

An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configurations that allowed popups and hosted arbitrary content. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.

debian логотип

CVE-2020-15653

CVSS3: 6.5
debian
около 5 лет назад

An iframe sandbox element with the allow-popups flag could be bypassed ...

github логотип

GHSA-vcgf-4q4f-3267

CVSS3: 6.5
github
больше 3 лет назад

An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configurations that allowed popups and hosted arbitrary content. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.

fstec логотип

BDU:2022-05735

CVSS3: 6.5
fstec
около 5 лет назад

Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с неправильными настройками прав доступа по умолчанию, позволяющая нарушителю обойти существующие ограничения безопасности

EPSS

Процентиль: 46%
0.00231
Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3