Lucene search
PRIOn knowledge basePRION:CVE-2020-26976HistoryJan 07, 2021 - 2:15 p.m.
Design/Logic Flaw
2021-01-0714:15:00
PRIOn knowledge base
www.prio-n.com
12
When a HTTPS pages was embedded in a HTTP page, and there was a service worker registered for the former, the service worker could have intercepted the request for the secure page despite the iframe not being a secure context due to the (insecure) framing. This vulnerability affects Firefox < 84.
References
bugzilla.mozilla.org/show_bug.cgi?id=1674343
lists.debian.org/debian-lts-announce/2021/02/msg00001.html
lists.debian.org/debian-lts-announce/2021/02/msg00002.html
security.gentoo.org/glsa/202102-02
www.debian.org/security/2021/dsa-4840
www.debian.org/security/2021/dsa-4842
www.mozilla.org/security/advisories/mfsa2020-54/
Related
cvelist
cvelist
CVE-2020-26976
2021-01-07 13:52:09
redhatcve
redhatcve
CVE-2020-26976
2021-01-26 19:53:17
veracode
veracode
Authorization Bypass
2020-12-16 08:41:12
nvd
nvd
CVE-2020-26976
2021-01-07 14:15:12
debiancve
debiancve
CVE-2020-26976
2021-01-07 14:15:12
cve
cve
CVE-2020-26976
2021-01-07 14:15:12
alpinelinux
alpinelinux
CVE-2020-26976
2021-01-07 14:15:12
ubuntucve
ubuntucve
CVE-2020-26976
2020-12-15 00:00:00
nessus
nessus
Oracle Linux 8 : firefox (ELSA-2021-0288)
2021-01-28 00:00:00
openSUSE Security Update : MozillaFirefox (openSUSE-2021-223)
2021-02-04 00:00:00
RHEL 8 : firefox (RHSA-2021:0288)
2021-01-27 00:00:00
mageia
mageia
Updated firefox packages fix security vulnerabilities
2021-02-04 16:40:24
Updated thunderbird packages fix security vulnerabilities
2021-02-04 16:40:24
openvas
openvas
Mozilla Firefox ESR Security Advisories (MFSA2021-02, MFSA2021-05) - Windows
2021-01-27 00:00:00
Debian: Security Advisory (DLA-2539-1)
2021-02-03 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:0241-1)
2021-04-19 00:00:00
debian
debian
[SECURITY] [DLA 2539-1] firefox-esr security update
2021-02-02 12:29:59
[SECURITY] [DSA 4840-1] firefox-esr security update
2021-01-27 18:36:58
[SECURITY] [DSA 4842-1] thunderbird security update
2021-01-31 21:10:28
redhat
redhat
(RHSA-2021:0288) Important: firefox security update
2021-01-27 17:32:07
(RHSA-2021:0290) Important: firefox security update
2021-01-27 17:46:06
(RHSA-2021:0285) Important: firefox security update
2021-01-27 16:26:37
suse
suse
Security update for MozillaFirefox (important)
2021-02-01 00:00:00
Security update for MozillaFirefox (important)
2021-02-01 00:00:00
Security update for MozillaThunderbird (important)
2021-01-30 00:00:00
kaspersky
kaspersky
KLA12051 Multiple vulnerabilities in Mozilla Firefox ESR
2021-01-26 00:00:00
KLA12052 Multiple vulnerabilities in Mozilla Thunderbird
2021-01-26 00:00:00
KLA12029 Multiple vulnerabilities in Mozilla Firefox
2020-12-15 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Firefox ESR 78.7 — Mozilla
2021-01-26 00:00:00
Security Vulnerabilities fixed in Thunderbird 78.7 — Mozilla
2021-01-26 00:00:00
Security Vulnerabilities fixed in Firefox 84 — Mozilla
2020-12-15 00:00:00
osv
osv
firefox-esr - security update
2021-01-27 00:00:00
firefox-esr - security update
2021-02-02 00:00:00
thunderbird - security update
2021-01-31 00:00:00
oraclelinux
oraclelinux
firefox security update
2021-01-28 00:00:00
firefox security update
2021-01-28 00:00:00
thunderbird security update
2021-01-29 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 78.7.0-alt1
2021-01-26 00:00:00
Security fix for the ALT Linux 10 package thunderbird version 78.7.0-alt1
2021-01-27 00:00:00
archlinux
archlinux
[ASA-202102-2] thunderbird: multiple issues
2021-02-06 00:00:00
[ASA-202012-25] firefox: multiple issues
2020-12-16 00:00:00
amazon
amazon
Important: thunderbird
2021-02-17 18:13:00
gentoo
gentoo
Mozilla Thunderbird: Multiple vulnerabilities
2021-02-01 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2021-02-16 00:00:00
Firefox vulnerabilities
2020-12-15 00:00:00
ibm
ibm
rosalinux
rosalinux
Advisory ROSA-SA-2021-1835
2021-07-02 16:43:38