Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog
Консоль
Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog

exploitDog

ubuntu Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2020-6813

ΠžΠΏΡƒΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ: 25 ΠΌΠ°Ρ€. 2020
Π˜ΡΡ‚ΠΎΡ‡Π½ΠΈΠΊ: ubuntu
ΠŸΡ€ΠΈΠΎΡ€ΠΈΡ‚Π΅Ρ‚: low
EPSS Низкий
CVSS2: 5
CVSS3: 5.3

ОписаниС

When protecting CSS blocks with the nonce feature of Content Security Policy, the @import statement in the CSS block could allow an attacker to inject arbitrary styles, bypassing the intent of the Content Security Policy. This vulnerability affects Firefox < 74.

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
bionic

released

74.0+build3-0ubuntu0.18.04.1
devel

released

74.0+build3-0ubuntu1
eoan

released

74.0+build3-0ubuntu0.19.10.1
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

released

74.0+build3-0ubuntu1
groovy

released

74.0+build3-0ubuntu1
hirsute

released

74.0+build3-0ubuntu1
impish

released

74.0+build3-0ubuntu1
jammy

released

74.0+build3-0ubuntu1

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
bionic

ignored

end of standard support, was needs-triage
devel

DNE

eoan

DNE

esm-apps/bionic

ignored

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
bionic

ignored

end of standard support, was needs-triage
devel

DNE

eoan

ignored

end of life
esm-apps/focal

ignored

esm-infra-legacy/trusty

DNE

esm-infra/bionic

ignored

focal

ignored

groovy

ignored

end of life
hirsute

DNE

impish

DNE

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
bionic

DNE

devel

DNE

eoan

ignored

end of life
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

jammy

DNE

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Бсылки Π½Π° источники

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 39%
0.00175
Низкий

5 Medium

CVSS2

5.3 Medium

CVSS3

БвязанныС уязвимости

redhat Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2020-6813

CVSS3: 5.3
redhat
ΠΏΠΎΡ‡Ρ‚ΠΈ 6 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

When protecting CSS blocks with the nonce feature of Content Security Policy, the @import statement in the CSS block could allow an attacker to inject arbitrary styles, bypassing the intent of the Content Security Policy. This vulnerability affects Firefox < 74.

nvd Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2020-6813

CVSS3: 5.3
nvd
ΠΏΠΎΡ‡Ρ‚ΠΈ 6 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

When protecting CSS blocks with the nonce feature of Content Security Policy, the @import statement in the CSS block could allow an attacker to inject arbitrary styles, bypassing the intent of the Content Security Policy. This vulnerability affects Firefox < 74.

debian Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2020-6813

CVSS3: 5.3
debian
ΠΏΠΎΡ‡Ρ‚ΠΈ 6 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

When protecting CSS blocks with the nonce feature of Content Security ...

github Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

GHSA-ghv2-cp6r-w334

github
большС 3 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

When protecting CSS blocks with the nonce feature of Content Security Policy, the @import statement in the CSS block could allow an attacker to inject arbitrary styles, bypassing the intent of the Content Security Policy. This vulnerability affects Firefox < 74.

suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

SUSE-SU-2020:1899-1

suse-cvrf
большС 5 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Security update for MozillaFirefox

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 39%
0.00175
Низкий

5 Medium

CVSS2

5.3 Medium

CVSS3

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ CVE-2020-6813