Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2021-43538

Опубликовано: 08 дек. 2021
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.3
CVSS3: 4.3

Описание

By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for spoofing attacks. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.

РелизСтатусПримечание
bionic

released

95.0+build1-0ubuntu0.18.04.1
devel

released

95.0+build1-0ubuntu1
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

released

95.0+build1-0ubuntu0.20.04.1
hirsute

released

95.0+build1-0ubuntu0.21.04.1
impish

released

95.0+build1-0ubuntu0.21.10.1
jammy

released

95.0+build1-0ubuntu1
kinetic

released

95.0+build1-0ubuntu1
lunar

released

95.0+build1-0ubuntu1

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra/focal

DNE

focal

DNE

hirsute

DNE

impish

DNE

jammy

DNE

kinetic

DNE

lunar

DNE

mantic

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

DNE

esm-apps/bionic

ignored

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

hirsute

DNE

impish

DNE

jammy

DNE

kinetic

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

DNE

esm-apps/focal

ignored

esm-infra-legacy/trusty

DNE

esm-infra/bionic

ignored

focal

ignored

hirsute

DNE

impish

DNE

jammy

DNE

kinetic

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

ignored

focal

ignored

hirsute

DNE

impish

DNE

jammy

DNE

kinetic

DNE

lunar

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-apps/jammy

ignored

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

hirsute

ignored

end of life
impish

ignored

end of life
jammy

ignored

kinetic

ignored

end of life, was needs-triage

Показывать по

РелизСтатусПримечание
bionic

released

1:91.5.0+build1-0ubuntu0.18.04.1
devel

released

1:91.4.0+build1-0ubuntu1
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

released

1:91.5.0+build1-0ubuntu0.20.04.1
hirsute

ignored

end of life
impish

released

1:91.5.0+build1-0ubuntu0.21.10.1
jammy

released

1:91.4.0+build1-0ubuntu1
kinetic

released

1:91.4.0+build1-0ubuntu1
lunar

released

1:91.4.0+build1-0ubuntu1

Показывать по

Ссылки на источники

EPSS

Процентиль: 51%
0.00275
Низкий

4.3 Medium

CVSS2

4.3 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2021-43538

CVSS3: 7.5
redhat
больше 4 лет назад

By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for spoofing attacks. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.

nvd логотип

CVE-2021-43538

CVSS3: 4.3
nvd
больше 4 лет назад

By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for spoofing attacks. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.

debian логотип

CVE-2021-43538

CVSS3: 4.3
debian
больше 4 лет назад

By misusing a race in our notification code, an attacker could have fo ...

github логотип

GHSA-9mvw-9c9q-7cmm

CVSS3: 4.3
github
больше 4 лет назад

By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for spoofing attacks. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.

fstec логотип

BDU:2021-06177

CVSS3: 5.4
fstec
больше 4 лет назад

Уязвимость браузера Mozilla Firefox и почтового клиента Mozilla Thunderbird, связанная с ошибками криптографических преобразований, позволяющая нарушителю проводить спуфинг-атаки

EPSS

Процентиль: 51%
0.00275
Низкий

4.3 Medium

CVSS2

4.3 Medium

CVSS3