← volver
CVE-2021-43538

CVE-2021-43538

EPSS 1.2%
By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for spoofing attacks. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.
Productos afectados
Mozilla · FirefoxMozilla · Firefox ESRMozilla · Thunderbird

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://bugzilla.mozilla.org/show_bug.cgi?id=1739091https://lists.debian.org/debian-lts-announce/2021/12/msg00030.htmlhttps://lists.debian.org/debian-lts-announce/2022/01/msg00001.htmlhttps://security.gentoo.org/glsa/202202-03https://security.gentoo.org/glsa/202208-14https://www.debian.org/security/2021/dsa-5026https://www.debian.org/security/2022/dsa-5034https://www.mozilla.org/security/advisories/mfsa2021-52/https://www.mozilla.org/security/advisories/mfsa2021-53/https://www.mozilla.org/security/advisories/mfsa2021-54/