Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2024-9391

Опубликовано: 01 окт. 2024
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 6.5

Описание

A user who enables full-screen mode on a specially crafted web page could potentially be prevented from exiting full screen mode. This may allow spoofing of other sites as the address bar is no longer visible. This bug only affects Firefox Focus for Android. Other versions of Firefox are unaffected. This vulnerability affects Firefox < 131.

РелизСтатусПримечание
devel

not-affected

code not present
esm-infra/focal

DNE

focal

not-affected

jammy

not-affected

code not present
noble

not-affected

code not present
oracular

not-affected

code not present
upstream

not-affected

debian: Only affects Firefox Focus for Android

Показывать по

РелизСтатусПримечание
devel

not-affected

code not present
esm-infra/focal

DNE

focal

not-affected

jammy

not-affected

noble

not-affected

code not present
oracular

not-affected

code not present
upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 26%
0.00088
Низкий

6.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2024-9391

CVSS3: 7.1
redhat
9 месяцев назад

A user who enables full-screen mode on a specially crafted web page could potentially be prevented from exiting full screen mode. This may allow spoofing of other sites as the address bar is no longer visible. *This bug only affects Firefox Focus for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 131.

nvd логотип

CVE-2024-9391

CVSS3: 6.5
nvd
9 месяцев назад

A user who enables full-screen mode on a specially crafted web page could potentially be prevented from exiting full screen mode. This may allow spoofing of other sites as the address bar is no longer visible. *This bug only affects Firefox Focus for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 131.

debian логотип

CVE-2024-9391

CVSS3: 6.5
debian
9 месяцев назад

A user who enables full-screen mode on a specially crafted web page co ...

github логотип

GHSA-p5hw-4fxj-g4x6

CVSS3: 6.5
github
9 месяцев назад

A user who enables full-screen mode on a specially crafted web page could potentially be prevented from exiting full screen mode. This may allow spoofing of other sites as the address bar is no longer visible. *This bug only affects Firefox Focus for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 131.

fstec логотип

BDU:2024-09292

CVSS3: 5.4
fstec
9 месяцев назад

Уязвимость полноэкранного режима (Full Screen Mode) браузера Mozilla Firefox Focus операционных систем Android, позволяющая нарушителю проводить спуфинг-атаки

EPSS

Процентиль: 26%
0.00088
Низкий

6.5 Medium

CVSS3

Уязвимость CVE-2024-9391