Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2021-23995

Опубликовано: 24 июн. 2021
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5.1
CVSS3: 8.8

Описание

When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.

РелизСтатусПримечание
bionic

released

88.0+build2-0ubuntu0.18.04.2
devel

released

88.0.1+build1-0ubuntu2
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

released

88.0+build2-0ubuntu0.20.04.1
groovy

released

88.0+build2-0ubuntu0.20.10.1
hirsute

released

88.0+build2-0ubuntu0.21.04.1
impish

released

88.0.1+build1-0ubuntu2
jammy

released

88.0.1+build1-0ubuntu2
kinetic

released

88.0.1+build1-0ubuntu2

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

jammy

DNE

kinetic

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

DNE

esm-apps/bionic

ignored

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

jammy

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

DNE

esm-apps/focal

ignored

esm-infra-legacy/trusty

DNE

esm-infra/bionic

ignored

focal

ignored

groovy

ignored

end of life
hirsute

DNE

impish

DNE

jammy

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

ignored

focal

ignored

groovy

ignored

end of life
hirsute

DNE

impish

DNE

jammy

DNE

kinetic

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-apps/jammy

ignored

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

ignored

end of life
hirsute

ignored

end of life
impish

ignored

end of life
jammy

ignored

Показывать по

РелизСтатусПримечание
bionic

released

1:78.11.0+build1-0ubuntu0.18.04.2
devel

released

1:78.11.0+build1-0ubuntu2
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

released

1:78.11.0+build1-0ubuntu0.20.04.2
groovy

released

1:78.11.0+build1-0ubuntu0.20.10.2
hirsute

released

1:78.11.0+build1-0ubuntu0.21.04.2
impish

released

1:78.11.0+build1-0ubuntu2
jammy

released

1:78.11.0+build1-0ubuntu2
kinetic

released

1:78.11.0+build1-0ubuntu2

Показывать по

EPSS

Процентиль: 76%
0.01023
Низкий

5.1 Medium

CVSS2

8.8 High

CVSS3

Связанные уязвимости

CVSS3: 8.8
redhat
больше 4 лет назад

When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.

CVSS3: 8.8
nvd
около 4 лет назад

When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.

CVSS3: 8.8
debian
около 4 лет назад

When Responsive Design Mode was enabled, it used references to objects ...

github
около 3 лет назад

When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.

CVSS3: 8.8
fstec
больше 4 лет назад

Уязвимость режима адаптивного дизайна (Responsive Design Mode) почтового клиента Thunderbird, браузеров Firefox и Firefox ESR, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 76%
0.01023
Низкий

5.1 Medium

CVSS2

8.8 High

CVSS3