Описание
Previously Firefox for macOS and Linux would download temporary files to a user-specific directory in /tmp, but this behavior was changed to download them to /tmp where they could be affected by other local users. This behavior was reverted to the original, user-specific directory.
This bug only affects Firefox for macOS and Linux. Other operating systems are unaffected.. This vulnerability affects Firefox ESR < 91.7 and Thunderbird < 91.7.
| Релиз | Статус | Примечание |
|---|---|---|
| trusty | ignored | end of standard support |
| upstream | released | 91.7.0esr-1 |
| xenial | ignored | end of standard support |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1:91.7.0+build2-0ubuntu0.18.04.1 |
| devel | released | 1:91.7.0+build2-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | released | 1:91.7.0+build2-0ubuntu0.20.04.1 |
| impish | released | 1:91.7.0+build2-0ubuntu0.21.10.1 |
| jammy | released | 1:91.7.0+build2-0ubuntu1 |
| kinetic | released | 1:91.7.0+build2-0ubuntu1 |
| lunar | released | 1:91.7.0+build2-0ubuntu1 |
| trusty | ignored | end of standard support |
Показывать по
EPSS
6.5 Medium
CVSS3
Связанные уязвимости
Previously Firefox for macOS and Linux would download temporary files to a user-specific directory in <code>/tmp</code>, but this behavior was changed to download them to <code>/tmp</code> where they could be affected by other local users. This behavior was reverted to the original, user-specific directory. <br>*This bug only affects Firefox for macOS and Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 91.7 and Thunderbird < 91.7.
Previously Firefox for macOS and Linux would download temporary files to a user-specific directory in <code>/tmp</code>, but this behavior was changed to download them to <code>/tmp</code> where they could be affected by other local users. This behavior was reverted to the original, user-specific directory. <br>*This bug only affects Firefox for macOS and Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 91.7 and Thunderbird < 91.7.
Previously Firefox for macOS and Linux would download temporary files ...
Previously Firefox for macOS and Linux would download temporary files to a user-specific directory in <code>/tmp</code>, but this behavior was changed to download them to <code>/tmp</code> where they could be affected by other local users. This behavior was reverted to the original, user-specific directory. <br>*This bug only affects Firefox for macOS and Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 91.7 and Thunderbird < 91.7.
Уязвимость браузера Mozilla Firefox, связанная с недостатками контроля доступа, позволяющая нарушителю получить доступ к конфиденциальной информации
EPSS
6.5 Medium
CVSS3