Debian Firefox-Esr vulnerabilities

CVE-2021-23982 [MEDIUM] CVE-2021-23982: firefox - Using techniques that built on the slipstream research, a malicious webpage coul... Using techniques that built on the slipstream research, a malicious webpage could have scanned both an internal network's hosts as well as services running on the user's local machine utilizing WebRTC connections. This vulnerability affects Firefox ESR < 78.9, Firefox < 87, and Thunderbird < 78.9. Scope: local sid: resolved (fixed in 87.0-1)

CVE-2021-23984 [MEDIUM] CVE-2021-23984: firefox - A malicious extension could have opened a popup window lacking an address bar. T... A malicious extension could have opened a popup window lacking an address bar. The title of the popup lacking an address bar should not be fully controllable, but in this situation was. This could have been used to spoof a website and attempt to trick the user into providing credentials. This vulnerability affects Firefox ESR < 78.9, Firefox < 87, and Thunderbird

CVE-2021-43542 [MEDIUM] CVE-2021-43542: firefox - Using XMLHttpRequest, an attacker could have identified installed applications b... Using XMLHttpRequest, an attacker could have identified installed applications by probing error messages for loading external protocols. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95. Scope: local sid: resolved (fixed in 95.0-1)

CVE-2021-38507 [MEDIUM] CVE-2021-38507: firefox - The Opportunistic Encryption feature of HTTP2 (RFC 8164) allows a connection to ... The Opportunistic Encryption feature of HTTP2 (RFC 8164) allows a connection to be transparently upgraded to TLS while retaining the visual properties of an HTTP connection, including being same-origin with unencrypted connections on port 80. However, if a second encrypted port on the same IP address (e.g. port 8443) did not opt-in to opportunistic encryption; a n

CVE-2021-23969 [MEDIUM] CVE-2021-23969: firefox - As specified in the W3C Content Security Policy draft, when creating a violation... As specified in the W3C Content Security Policy draft, when creating a violation report, "User agents need to ensure that the source file is the URL requested by the page, pre-redirects. If that’s not possible, user agents need to strip the URL down to an origin to avoid unintentional leakage." Under certain types of redirects, Firefox incorrectly set the source f

CVE-2021-38509 [MEDIUM] CVE-2021-38509: firefox - Due to an unusual sequence of attacker-controlled events, a Javascript alert() d... Due to an unusual sequence of attacker-controlled events, a Javascript alert() dialog with arbitrary (although unstyled) contents could be displayed over top an uncontrolled webpage of the attacker's choosing. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3. Scope: local sid: resolved (fixed in 94.0-1)

CVE-2021-23998 [MEDIUM] CVE-2021-23998: firefox - Through complicated navigations with new windows, an HTTP page could have inheri... Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. Scope: local sid: resolved (fixed in 88.0-1)

CVE-2021-29955 [MEDIUM] CVE-2021-29955: firefox - A transient execution vulnerability, named Floating Point Value Injection (FPVI)... A transient execution vulnerability, named Floating Point Value Injection (FPVI) allowed an attacker to leak arbitrary memory addresses and may have also enabled JIT type confusion attacks. (A related vulnerability, Speculative Code Store Bypass (SCSB), did not affect Firefox.). This vulnerability affects Firefox ESR < 78.9 and Firefox < 87. Scope: local sid: reso

CVE-2021-43536 [MEDIUM] CVE-2021-43536: firefox - Under certain circumstances, asynchronous functions could have caused a navigati... Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95. Scope: local sid: resolved (fixed in 95.0-1)

CVE-2021-43545 [MEDIUM] CVE-2021-43545: firefox - Using the Location API in a loop could have caused severe application hangs and ... Using the Location API in a loop could have caused severe application hangs and crashes. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95. Scope: local sid: resolved (fixed in 95.0-1)

CVE-2021-43543 [MEDIUM] CVE-2021-43543: firefox - Documents loaded with the CSP sandbox directive could have escaped the sandbox's... Documents loaded with the CSP sandbox directive could have escaped the sandbox's script restriction by embedding additional content. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95. Scope: local sid: resolved (fixed in 95.0-1)

CVE-2021-29945 [MEDIUM] CVE-2021-29945: firefox - The WebAssembly JIT could miscalculate the size of a return type, which could le... The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash. *Note: This issue only affected x86-32 platforms. Other platforms are unaffected.*. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. Scope: local sid: resolved (fixed in 88.0-1)

CVE-2021-38508 [MEDIUM] CVE-2021-38508: firefox - By displaying a form validity message in the correct location at the same time a... By displaying a form validity message in the correct location at the same time as a permission prompt (such as for geolocation), the validity message could have obscured the prompt, resulting in the user potentially being tricked into granting the permission. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3. Scope: local sid: res

CVE-2021-23968 [MEDIUM] CVE-2021-23968: firefox - If Content Security Policy blocked frame navigation, the full destination of a r... If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation report; as opposed to the original frame URI. This could be used to leak sensitive information contained in such URIs. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8. Scope: local sid: resolv

CVE-2021-43546 [MEDIUM] CVE-2021-43546: firefox - It was possible to recreate previous cursor spoofing attacks against users with ... It was possible to recreate previous cursor spoofing attacks against users with a zoomed native cursor. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95. Scope: local sid: resolved (fixed in 95.0-1)

CVE-2021-23973 [MEDIUM] CVE-2021-23973: firefox - When trying to load a cross-origin resource in an audio/video context a decoding... When trying to load a cross-origin resource in an audio/video context a decoding error may have resulted, and the content of that error may have revealed information about the resource. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8. Scope: local sid: resolved (fixed in 86.0-1)

CVE-2021-29964 [HIGH] CVE-2021-29964: firefox - A locally-installed hostile program could send `WM_COPYDATA` messages that Firef... A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process incorrectly, leading to an out-of-bounds read. *This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and Firefox ESR < 78.11. Scope: local sid: resolved

CVE-2021-38492 [MEDIUM] CVE-2021-38492: firefox - When delegating navigations to the operating system, Firefox would accept the `m... When delegating navigations to the operating system, Firefox would accept the `mk` scheme which might allow attackers to launch pages and execute scripts in Internet Explorer in unprivileged mode. *This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 92, Thunderbird < 91.1, Thunderbird < 78.14, F

CVE-2021-29951 [MEDIUM] CVE-2021-29951: firefox-esr - The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN|Users wh... The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service. This could be used to prevent the browser update service from operating (if an attacker spammed the 'Stop' command); but also exposed attack surface in the maintenance service. *Note: This iss

CVE-2021-38510 [HIGH] CVE-2021-38510: firefox - The executable file warning was not presented when downloading .inetloc files, w... The executable file warning was not presented when downloading .inetloc files, which, due to a flaw in Mac OS, can run commands on a user's computer.*Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3. Scope: local sid: resolved