Описание
Logins saved by Firefox should be managed by the Password Manager component which uses encryption to save files on-disk. Instead, the username (not password) was saved by the Form Manager to an unencrypted file on disk. This vulnerability affects Firefox < 106.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 106.0.2+build1-0ubuntu0.18.04.1 |
| devel | not-affected | code not present |
| esm-infra/focal | DNE | |
| focal | released | 106.0.2+build1-0ubuntu0.20.04.1 |
| jammy | not-affected | code not present |
| kinetic | not-affected | code not present |
| lunar | not-affected | code not present |
| trusty | ignored | end of standard support |
| upstream | released | 106 |
| xenial | ignored | end of standard support |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1:102.4.2+build2-0ubuntu0.18.04.1 |
| devel | not-affected | 1:102.10.0+build2-0ubuntu1 |
| esm-infra/focal | DNE | |
| focal | released | 1:102.4.2+build2-0ubuntu0.20.04.1 |
| jammy | released | 1:102.4.2+build2-0ubuntu0.22.04.1 |
| kinetic | released | 1:102.4.2+build2-0ubuntu0.22.10.1 |
| lunar | not-affected | 1:102.10.0+build2-0ubuntu1 |
| trusty | ignored | end of standard support |
| upstream | released | 1:102.4.0-1 |
| xenial | ignored | end of standard support |
Показывать по
EPSS
3.3 Low
CVSS3
Связанные уязвимости
Logins saved by Firefox should be managed by the Password Manager component which uses encryption to save files on-disk. Instead, the username (not password) was saved by the Form Manager to an unencrypted file on disk. This vulnerability affects Firefox < 106.
Logins saved by Firefox should be managed by the Password Manager comp ...
Logins saved by Firefox should be managed by the Password Manager component which uses encryption to save files on-disk. Instead, the username (not password) was saved by the Form Manager to an unencrypted file on disk. This vulnerability affects Firefox < 106.
Уязвимость компонента Form Manager браузера Firefox, позволяющая нарушителю раскрыть защищаемую информацию
EPSS
3.3 Low
CVSS3