CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-38507 – Mozilla: Opportunistic Encryption in HTTP2 could be used to bypass the Same-Origin-Policy on services hosted on other ports
https://notcve.org/view.php?id=CVE-2021-38507
03 Nov 2021 — The Opportunistic Encryption feature of HTTP2 (RFC 8164) allows a connection to be transparently upgraded to TLS while retaining the visual properties of an HTTP connection, including being same-origin with unencrypted connections on port 80. However, if a second encrypted port on the same IP address (e.g. port 8443) did not opt-in to opportunistic encryption; a network attacker could forward a connection from the browser to port 443 to port 8443, causing the browser to treat the content of port 8443 as sam... • https://bugzilla.mozilla.org/show_bug.cgi?id=1730935 • CWE-346: Origin Validation Error CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 10.0EPSS: 1%CPEs: 6EXPL: 0CVE-2021-38503 – Mozilla: iframe sandbox rules did not apply to XSLT stylesheets
https://notcve.org/view.php?id=CVE-2021-38503
03 Nov 2021 — The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3. Las reglas del sandbox de iframe no se aplicaban correctamente a las hojas de estilo XSLT, permitiendo a un iframe omitir restricciones como la ejecución de scripts o la navegación por el marco de nivel superior. Esta vulnerabilidad afecta a Firefox v... • https://bugzilla.mozilla.org/show_bug.cgi?id=1729517 • CWE-732: Incorrect Permission Assignment for Critical Resource CWE-863: Incorrect Authorization •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2021-38508 – Mozilla: Permission Prompt could be overlaid, resulting in user confusion and potential spoofing
https://notcve.org/view.php?id=CVE-2021-38508
03 Nov 2021 — By displaying a form validity message in the correct location at the same time as a permission prompt (such as for geolocation), the validity message could have obscured the prompt, resulting in the user potentially being tricked into granting the permission. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3. Al mostrar un mensaje de comprobación del formulario en la ubicación correcta al mismo tiempo que una solicitud de permiso (como para la geolocalización), el mensaje d... • https://bugzilla.mozilla.org/show_bug.cgi?id=1366818 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2021-38509 – Mozilla: Javascript alert box could have been spoofed onto an arbitrary domain
https://notcve.org/view.php?id=CVE-2021-38509
03 Nov 2021 — Due to an unusual sequence of attacker-controlled events, a Javascript alert() dialog with arbitrary (although unstyled) contents could be displayed over top an uncontrolled webpage of the attacker's choosing. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3. Debido a una secuencia inusual de eventos controlados por el atacante, un diálogo Javascript alert() con contenido arbitrario (aunque sin estilo) podría mostrarse encima de una página web no controlada de la elección ... • https://bugzilla.mozilla.org/show_bug.cgi?id=1718571 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-38502 – Mozilla: Downgrade attack on SMTP STARTTLS connections
https://notcve.org/view.php?id=CVE-2021-38502
13 Oct 2021 — Thunderbird ignored the configuration to require STARTTLS security for an SMTP connection. A MITM could perform a downgrade attack to intercept transmitted messages, or could take control of the authenticated session to execute SMTP commands chosen by the MITM. If an unprotected authentication method was configured, the MITM could obtain the authentication credentials, too. This vulnerability affects Thunderbird < 91.2. Thunderbird ignoró la configuración para requerir seguridad STARTTLS para una conexión S... • https://bugzilla.mozilla.org/show_bug.cgi?id=1733366 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-38497 – Mozilla: Validation message could have been overlaid on another origin
https://notcve.org/view.php?id=CVE-2021-38497
11 Oct 2021 — Through use of reportValidity() and window.open(), a plain-text validation message could have been overlaid on another origin, leading to possible user confusion and spoofing attacks. This vulnerability affects Firefox < 93, Thunderbird < 91.2, and Firefox ESR < 91.2. Mediante el uso de las funciones reportValidity() y window.open(), un mensaje de comprobación de texto plano podría haberse superpuesto a otro origen, conllevando una posible confusión del usuario y ataques de suplantación. Esta vulnerabilidad... • https://bugzilla.mozilla.org/show_bug.cgi?id=1726621 • CWE-346: Origin Validation Error CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 0CVE-2021-38500 – Mozilla: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2
https://notcve.org/view.php?id=CVE-2021-38500
11 Oct 2021 — Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.15, Thunderbird < 91.2, Firefox ESR < 91.2, Firefox ESR < 78.15, and Firefox < 93. Los desarrolladores de Mozilla informaron de bugs de seguridad de memoria presentes en Firefox 92 y Firefox ESR 91.1. Algunos de estos b... • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1725854%2C1728321 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-38501 – Mozilla: Memory safety bugs fixed in Firefox 93 and Firefox ESR 91.2
https://notcve.org/view.php?id=CVE-2021-38501
11 Oct 2021 — Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 93, Thunderbird < 91.2, and Firefox ESR < 91.2. Los desarrolladores de Mozilla informaron de bugs de seguridad de memoria presentes en Firefox 92 y Firefox ESR 91.1. Algunos de estos bugs mostraban evidencias de corrupción de ... • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1685354%2C1715755%2C1723176 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0CVE-2021-29991 – Ubuntu Security Notice USN-5248-1
https://notcve.org/view.php?id=CVE-2021-29991
11 Oct 2021 — Firefox incorrectly accepted a newline in a HTTP/3 header, interpretting it as two separate headers. This allowed for a header splitting attack against servers using HTTP/3. This vulnerability affects Firefox < 91.0.1 and Thunderbird < 91.0.1. Firefox aceptaba incorrectamente una nueva línea en un encabezado HTTP/3, interpretándola como dos encabezados separados. Esto permitía un ataque de división de encabezados contra servidores que usaban HTTP/3. • https://bugzilla.mozilla.org/show_bug.cgi?id=1724896 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 1CVE-2021-38492 – Gentoo Linux Security Advisory 202208-14
https://notcve.org/view.php?id=CVE-2021-38492
11 Oct 2021 — When delegating navigations to the operating system, Firefox would accept the `mk` scheme which might allow attackers to launch pages and execute scripts in Internet Explorer in unprivileged mode. *This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 92, Thunderbird < 91.1, Thunderbird < 78.14, Firefox ESR < 78.14, and Firefox ESR < 91.1. Cuando se delegaba la navegación al sistema operativo, Firefox aceptaba el esquema "mk" que podía perm... • https://bugzilla.mozilla.org/show_bug.cgi?id=1721107 •