Описание
Firefox did not block execution of scripts with incorrect MIME types when the response was intercepted and cached through a ServiceWorker. This could lead to a cross-site script inclusion vulnerability, or a Content Security Policy bypass. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 83.0+build2-0ubuntu0.18.04.2 |
| devel | released | 83.0+build2-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | released | 83.0+build2-0ubuntu0.20.04.1 |
| groovy | released | 83.0+build2-0ubuntu0.20.10.1 |
| hirsute | released | 83.0+build2-0ubuntu1 |
| impish | released | 83.0+build2-0ubuntu1 |
| jammy | released | 83.0+build2-0ubuntu1 |
| kinetic | released | 83.0+build2-0ubuntu1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | DNE | |
| esm-apps/bionic | ignored | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| groovy | DNE | |
| hirsute | DNE | |
| impish | DNE | |
| jammy | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | DNE | |
| esm-apps/focal | ignored | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | ignored | |
| focal | ignored | |
| groovy | ignored | end of life |
| hirsute | DNE | |
| impish | DNE | |
| jammy | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| groovy | DNE | |
| hirsute | DNE | |
| impish | DNE | |
| jammy | DNE | |
| kinetic | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | ignored | |
| focal | ignored | |
| groovy | ignored | end of life |
| hirsute | DNE | |
| impish | DNE | |
| jammy | DNE | |
| kinetic | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1:78.8.1+build1-0ubuntu0.18.04.1 |
| devel | released | 1:78.5.0+build3-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | released | 1:78.7.1+build1-0ubuntu0.20.04.1 |
| groovy | released | 1:78.5.0+build3-0ubuntu0.20.10.1 |
| hirsute | released | 1:78.5.0+build3-0ubuntu1 |
| impish | released | 1:78.5.0+build3-0ubuntu1 |
| jammy | released | 1:78.5.0+build3-0ubuntu1 |
| kinetic | released | 1:78.5.0+build3-0ubuntu1 |
Показывать по
Ссылки на источники
EPSS
4.3 Medium
CVSS2
6.1 Medium
CVSS3
Связанные уязвимости
Firefox did not block execution of scripts with incorrect MIME types when the response was intercepted and cached through a ServiceWorker. This could lead to a cross-site script inclusion vulnerability, or a Content Security Policy bypass. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
Firefox did not block execution of scripts with incorrect MIME types when the response was intercepted and cached through a ServiceWorker. This could lead to a cross-site script inclusion vulnerability, or a Content Security Policy bypass. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
Firefox did not block execution of scripts with incorrect MIME types w ...
Firefox did not block execution of scripts with incorrect MIME types when the response was intercepted and cached through a ServiceWorker. This could lead to a cross-site script inclusion vulnerability, or a Content Security Policy bypass. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
EPSS
4.3 Medium
CVSS2
6.1 Medium
CVSS3