QID 376143
Date Published: 2021-12-09
QID 376143: Mozilla Firefox Multiple Vulnerabilities (MFSA2021-52)
Firefox is a free and open-source web browser developed for Windows, OS X, and Linux, with a mobile version for Android.
Mozilla Firefox is prone to
CVE-2021-43536: URL leakage when navigating while executing asynchronous function
CVE-2021-43537: Heap buffer overflow when using structured clone
CVE-2021-43538: Missing fullscreen and pointer lock notification when requesting both
CVE-2021-43539: GC rooting failure when calling wasm instance methods
CVE-2021-43540: WebExtensions could have installed persistent ServiceWorkers
CVE-2021-43541: External protocol handler parameters were unescaped
CVE-2021-43542: XMLHttpRequest error codes could have leaked the existence of an external protocol handler
CVE-2021-43543: Bypass of CSP sandbox directive when embedding
CVE-2021-43544: Receiving a malicious URL as text through a SEND intent could have led to XSS
CVE-2021-43545: Denial of Service when using the Location API in a loop
CVE-2021-43546: Cursor spoofing could overlay user interface when native cursor is zoomed
Affected Products:
Prior to Firefox 95
QID Detection Logic (Authenticated) :
This checks for vulnerable version of Firefox browser.
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
- MFSA2021-52 -
www.mozilla.org/en-US/security/advisories/mfsa2021-52/
CVEs related to QID 376143
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| MFSA2021-52 |
www.mozilla.org/en-US/security/advisories/mfsa2021-52/ |