firefox allows for safebrowsing protections bypass. When a user navigates to site marked as unsafe by the Safebrowsing API, warning messages are displayed and navigation is interrupted. However, resources loaded from the same site are not blocked, leading to the loading of unsafe resources and bypassing safebrowsing protections.
CPE | Name | Operator | Version |
---|---|---|---|
firefox:xenial | eq | 45.0.2+build1 | |
firefox:bionic | eq | 59.0.2+build1 | |
firefox:xenial | eq | 45.0.2+build1 | |
firefox:bionic | eq | 59.0.2+build1 |
lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html
lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html
lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html
lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html
bugzilla.mozilla.org/show_bug.cgi?id=1483510
security.gentoo.org/glsa/201908-12
www.mozilla.org/security/advisories/mfsa2019-21/