Debian Firefox vulnerabilities

1,810 known vulnerabilities affecting debian/firefox.

Total CVEs: 1,810
CISA KEV: 11 (actively exploited)
Public exploits: 35
Exploited in wild: 15
Severity breakdown: CRITICAL 333, HIGH 633, MEDIUM 542, LOW 302

Vulnerabilities

Page 47 of 91
CVE-2021-29987 | MEDIUM | CVSS 6.5 | fixed in firefox 91.0-1 (sid) | 2021
CVE-2021-29987 [MEDIUM] firefox - After requesting multiple permissions, and closing the first permission panel, subsequent permission panels will be displayed in a different position but still record a click in the default location, making it possible to trick a user into accepting a permission they did not want to. *This bug only affects Firefox on Linux. Other operating systems are unaffected.*
debian
CVE-2021-23985 | MEDIUM | CVSS 6.5 | fixed in firefox 87.0-1 (sid) | 2021
CVE-2021-23985 [MEDIUM] firefox - If an attacker is able to alter specific about:config values (for example malware running on the user's computer), the Devtools remote debugging feature could have been enabled in a way that was unnoticeable to the user. This would have allowed a remote attacker (able to make a direct network connection to the victim) to monitor the user's browsing activity and (pl
debian
CVE-2021-29959 | MEDIUM | CVSS 4.3 | fixed in firefox 89.0-1 (sid) | 2021
CVE-2021-29959 [MEDIUM] firefox - When a user has already allowed a website to access microphone and camera, disabling camera sharing would not fully prevent the website from re-enabling it without an additional prompt. This was only possible if the website kept recording with the microphone until re-enabling the camera. This vulnerability affects Firefox < 89. Scope: local; sid: resolved (fixed in
debian
CVE-2021-23963 | MEDIUM | CVSS 4.3 | fixed in firefox 85.0-1 (sid) | 2021
CVE-2021-23963 [MEDIUM] firefox - When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC sharing state in the user interface, leading to loss of control over the currently granted permission. This vulnerability affects Firefox < 85. Scope: local; sid: resolved (fixed in 85.0-1)
debian
CVE-2021-23971 | MEDIUM | CVSS 6.5 | fixed in firefox 86.0-1 (sid) | 2021
CVE-2021-23971 [MEDIUM] firefox - When processing a redirect with a conflicting Referrer-Policy, Firefox would have adopted the redirect's Referrer-Policy. This would have potentially resulted in more information than intended by the original origin being provided to the destination of the redirect. This vulnerability affects Firefox < 86. Scope: local; sid: resolved (fixed in 86.0-1)
debian
CVE-2021-29944 | LOW | CVSS 6.1 | 2021
CVE-2021-29944 [MEDIUM] firefox - Lack of escaping allowed HTML injection when a webpage was viewed in Reader View. While a Content Security Policy prevents direct code execution, HTML injection is still possible. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.* This vulnerability affects Firefox < 88. Scope: local; sid: resolved
debian
CVE-2021-23977 | LOW | CVSS 5.3 | 2021
CVE-2021-23977 [MEDIUM] firefox - Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a malicious application to read sensitive data from application directories. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 86. Scope: local; sid: resolved
debian
CVE-2021-4221 | LOW | CVSS 4.3 | 2021
CVE-2021-4221 [MEDIUM] firefox - If a domain name contained a RTL character, it would cause the domain to be rendered to the right of the path. This could lead to user confusion and spoofing attacks. *This bug only affects Firefox for Android. Other operating systems are unaffected.* *Note*: Due to a clerical error this advisory was not included in the original announcement, and was added in Feburar
debian
CVE-2021-29958 | LOW | CVSS 4.3 | 2021
CVE-2021-29958 [MEDIUM] firefox - When a download was initiated, the client did not check whether it was in normal or private browsing mode, which led to private mode cookies being shared in normal browsing mode. This vulnerability affects Firefox for iOS < 34. Scope: local; sid: resolved
debian
CVE-2021-23976 | LOW | CVSS 4.3 | 2021
CVE-2021-23976 [MEDIUM] firefox - When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. This could be used to gain fullscreen access for UI spoofing and could also lead to cross-origin attacks on targeted websites. Note: This issue is a different issue from CVE-2020-269
debian
CVE-2021-29964 | LOW | CVSS 7.1 | 2021
CVE-2021-29964 [HIGH] firefox - A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process incorrectly, leading to an out-of-bounds read. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Thunderbird < 78.11, Firefox < 89, and Firefox ESR < 78.11. Scope: local; sid: resolved
debian
CVE-2021-38492 | LOW | CVSS 6.5 | 2021
CVE-2021-38492 [MEDIUM] firefox - When delegating navigations to the operating system, Firefox would accept the `mk` scheme which might allow attackers to launch pages and execute scripts in Internet Explorer in unprivileged mode. *This bug only affects Firefox for Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 92, Thunderbird < 91.1, Thunderbird < 78.14, F
debian
CVE-2021-43544 | LOW | CVSS 6.1 | 2021
CVE-2021-43544 [MEDIUM] firefox - When receiving a URL through a SEND intent, Firefox would have searched for the text, but subsequent usages of the address bar might have caused the URL to load unintentionally, which could lead to XSS and spoofing attacks. *This bug only affects Firefox for Android. Other operating systems are unaffected.* This vulnerability affects Firefox < 95. Scope: local si
debian
CVE-2021-29973 | LOW | CVSS 8.8 | 2021
CVE-2021-29973 [HIGH] firefox - Password autofill was enabled without user interaction on insecure websites on Firefox for Android. This was corrected to require user interaction with the page before a user's password would be entered by the browser's autofill functionality. *This bug only affects Firefox for Android. Other operating systems are unaffected.* This vulnerability affects Firefox < 90
debian
CVE-2021-29968 | LOW | CVSS 8.1 | 2021
CVE-2021-29968 [HIGH] firefox - When drawing text onto a canvas with WebRender disabled, an out of bounds read could occur. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 89.0.1. Scope: local; sid: resolved
debian
CVE-2021-24000 | LOW | CVSS 3.1 | fixed in firefox 88.0-1 (sid) | 2021
CVE-2021-24000 [LOW] firefox - A race condition with requestPointerLock() and setTimeout() could have resulted in a user interacting with one tab when they believed they were on a separate tab. In conjunction with certain elements (such as ) this could have led to an attack where a user was confused about the origin of the webpage and potentially disclosed information they did not intend to. This
debian
CVE-2021-29971 | LOW | CVSS 9.8 | 2021
CVE-2021-29971 [CRITICAL] firefox - If a user had granted a permission to a webpage and saved that grant, any webpage running on the same host - irrespective of scheme or port - would be granted that permission. *This bug only affects Firefox for Android. Other operating systems are unaffected.* This vulnerability affects Firefox < 90. Scope: local; sid: resolved
debian
CVE-2021-4128 | LOW | CVSS 6.5 | 2021
CVE-2021-4128 [MEDIUM] firefox - When transitioning in and out of fullscreen mode, a graphics object was not correctly protected; resulting in memory corruption and a potentially exploitable crash. *This bug only affects Firefox on MacOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 95. Scope: local; sid: resolved
debian
CVE-2021-23957 | LOW | CVSS 7.4 | 2021
CVE-2021-23957 [HIGH] firefox - Navigations through the Android-specific `intent` URL scheme could have been misused to escape iframe sandbox. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 85. Scope: local; sid: resolved
debian
CVE-2021-29983 | LOW | CVSS 6.5 | 2021
CVE-2021-29983 [MEDIUM] firefox - Firefox for Android could get stuck in fullscreen mode and not exit it even after normal interactions that should cause it to exit. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.* This vulnerability affects Firefox < 91. Scope: local; sid: resolved
debian