Количество 5
Количество 5
CVE-2020-26975
When a malicious application installed on the user's device broadcast an Intent to Firefox for Android, arbitrary headers could have been specified, leading to attacks such as abusing ambient authority or session fixation. This was resolved by only allowing certain safe-listed headers. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 84.
CVE-2020-26975
When a malicious application installed on the user's device broadcast an Intent to Firefox for Android, arbitrary headers could have been specified, leading to attacks such as abusing ambient authority or session fixation. This was resolved by only allowing certain safe-listed headers. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 84.
CVE-2020-26975
When a malicious application installed on the user's device broadcast ...
GHSA-cmfr-9hrr-hpg4
When a malicious application installed on the user's device broadcast an Intent to Firefox for Android, arbitrary headers could have been specified, leading to attacks such as abusing ambient authority or session fixation. This was resolved by only allowing certain safe-listed headers. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 84.
BDU:2022-05940
Уязвимость браузера Mozilla Firefox для Android, связанная с недостатками разграничения доступа, позволяющая нарушителю обойти существующие ограничения безопасности
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-26975 When a malicious application installed on the user's device broadcast an Intent to Firefox for Android, arbitrary headers could have been specified, leading to attacks such as abusing ambient authority or session fixation. This was resolved by only allowing certain safe-listed headers. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 84. | CVSS3: 6.5 | 0% Низкий | около 5 лет назад |
 | CVE-2020-26975 When a malicious application installed on the user's device broadcast an Intent to Firefox for Android, arbitrary headers could have been specified, leading to attacks such as abusing ambient authority or session fixation. This was resolved by only allowing certain safe-listed headers. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 84. | CVSS3: 6.5 | 0% Низкий | около 5 лет назад |
| CVE-2020-26975 When a malicious application installed on the user's device broadcast ... | CVSS3: 6.5 | 0% Низкий | около 5 лет назад |
| GHSA-cmfr-9hrr-hpg4 When a malicious application installed on the user's device broadcast an Intent to Firefox for Android, arbitrary headers could have been specified, leading to attacks such as abusing ambient authority or session fixation. This was resolved by only allowing certain safe-listed headers. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 84. | 0% Низкий | больше 3 лет назад | |
 | BDU:2022-05940 Уязвимость браузера Mozilla Firefox для Android, связанная с недостатками разграничения доступа, позволяющая нарушителю обойти существующие ограничения безопасности | CVSS3: 6.5 | 0% Низкий | около 5 лет назад |
Уязвимостей на страницу