Denial Of Service (DoS)

2020-10-2512:40:57

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.001 Low

EPSS

Percentile

38.7%

JSON

firefox is vulnerable to denial of service (DoS). If a valid external protocol handler was referenced in an image tag, the resulting broken image size could be distinguished from a broken image size of a non-existent protocol handler. This allowed an attacker to successfully probe whether an external protocol handler was registered.

CPENameOperatorVersion
firefox:groovyeq81.0+build1
firefox:groovyeq80.0.1+build1
firefox:groovyeq78.0.1+build1
firefox:groovyeq80.0+build2
firefox:focaleq80.0.1+build1
firefox:focaleq75.0+build3
firefox:focaleq80.0+build2
firefox:bioniceq80.0+build2
firefox:bioniceq80.0.1+build1
firefox:bioniceq59.0.2+build1

Name	Operator	Version
firefox:groovy	eq	81.0+build1
firefox:groovy	eq	80.0.1+build1
firefox:groovy	eq	78.0.1+build1
firefox:groovy	eq	80.0+build2
firefox:focal	eq	80.0.1+build1
firefox:focal	eq	75.0+build3
firefox:focal	eq	80.0+build2
firefox:bionic	eq	80.0+build2
firefox:bionic	eq	80.0.1+build1
firefox:bionic	eq	59.0.2+build1