Lucene search
Veracode Vulnerability DatabaseVERACODE:33231HistoryDec 10, 2021 - 7:36 a.m.
Spoofing Attack
2021-12-1007:36:32
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
16
0.002 Low
EPSS
Percentile
53.5%
Thunderbird and Firefox are vulnerable to spoofing attack. The vulnerability exists due to a misuse of a race in the notification code allowing an attacker to forcefully hide the notification for pages that had received full screen and pointer lock access.
References
access.redhat.com/errata/RHSA-2021:5013
access.redhat.com/security/updates/classification/#important
bugzilla.mozilla.org/show_bug.cgi?id=1739091
bugzilla.redhat.com/show_bug.cgi?id=2030109
lists.debian.org/debian-lts-announce/2021/12/msg00030.html
lists.debian.org/debian-lts-announce/2022/01/msg00001.html
security.gentoo.org/glsa/202202-03
security.gentoo.org/glsa/202208-14
www.debian.org/security/2021/dsa-5026
www.debian.org/security/2022/dsa-5034
www.mozilla.org/security/advisories/mfsa2021-52/
www.mozilla.org/security/advisories/mfsa2021-53/
www.mozilla.org/security/advisories/mfsa2021-54/
Related
redhatcve
redhatcve
CVE-2021-43538
2021-12-08 02:49:43
ubuntucve
ubuntucve
CVE-2021-43538
2021-12-08 00:00:00
alpinelinux
alpinelinux
CVE-2021-43538
2021-12-08 22:15:09
cnvd
cnvd
Mozilla Firefox conditional competition issue vulnerability
2021-12-12 00:00:00
cvelist
cvelist
CVE-2021-43538
2021-12-08 21:20:20
prion
prion
Design/Logic Flaw
2021-12-08 22:15:00
nvd
nvd
CVE-2021-43538
2021-12-08 22:15:09
cve
cve
CVE-2021-43538
2021-12-08 22:15:09
debiancve
debiancve
CVE-2021-43538
2021-12-08 22:15:09
suse
suse
Security update for MozillaFirefox (important)
2021-12-10 00:00:00
Security update for MozillaFirefox (important)
2021-12-12 00:00:00
Security update for MozillaThunderbird (important)
2021-12-29 00:00:00
nessus
nessus
openSUSE 15 Security Update : MozillaFirefox (openSUSE-SU-2021:1575-1)
2021-12-17 00:00:00
SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2021:14859-1)
2021-12-11 00:00:00
Scientific Linux Security Update : firefox on SL7.x i686/x86_64 (2021:5014)
2021-12-08 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2021:4000-1)
2021-12-13 00:00:00
Mozilla Firefox ESR Security Advisory (MFSA2021-53) - Mac OS X
2021-12-12 00:00:00
CentOS: Security Advisory for firefox (CESA-2021:5014)
2022-01-11 00:00:00
rocky
rocky
firefox security update
2021-12-08 09:42:58
thunderbird security update
2021-12-09 12:14:59
archlinux
archlinux
[ASA-202112-9] thunderbird: multiple issues
2021-12-11 00:00:00
[ASA-202112-8] firefox: multiple issues
2021-12-11 00:00:00
ubuntu
ubuntu
Firefox regressions
2021-12-20 00:00:00
Firefox vulnerabilities
2021-12-09 00:00:00
Thunderbird vulnerabilities
2022-01-21 00:00:00
centos
centos
firefox security update
2021-12-14 00:04:22
redhat
redhat
(RHSA-2021:5014) Important: firefox security update
2021-12-08 09:42:59
(RHSA-2021:5017) Important: firefox security update
2021-12-08 09:44:27
(RHSA-2021:5013) Important: firefox security update
2021-12-08 09:42:58
oraclelinux
oraclelinux
firefox security update
2021-12-08 00:00:00
firefox security update
2021-12-09 00:00:00
thunderbird security update
2021-12-10 00:00:00
almalinux
almalinux
Important: firefox security update
2021-12-08 09:42:58
Important: thunderbird security update
2021-12-09 12:14:59
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 91.4.0-alt1
2021-12-14 00:00:00
Security fix for the ALT Linux 10 package thunderbird version 91.4.0-alt1
2021-12-21 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Firefox ESR 91.4.0 — Mozilla
2021-12-07 00:00:00
Security Vulnerabilities fixed in Thunderbird 91.4.0 — Mozilla
2021-12-07 00:00:00
Security Vulnerabilities fixed in Firefox 95 — Mozilla
2021-12-07 00:00:00
mageia
mageia
Updated firefox packages fix security vulnerability
2021-12-11 01:19:07
Updated thunderbird packages fix security vulnerability
2021-12-11 01:19:07
osv
osv
Important: firefox security update
2021-12-08 09:42:58
firefox vulnerabilities
2021-12-09 18:55:33
Important: firefox security update
2021-12-08 09:42:58
kaspersky
kaspersky
KLA12375 Multiple vulnerabilities in Mozilla Firefox ESR
2021-12-07 00:00:00
KLA12376 Multiple vulnerabilities in Mozilla Thunderbird
2021-12-07 00:00:00
KLA12374 Multiple vulnerabilities in Mozilla Firefox
2021-12-07 00:00:00
debian
debian
[SECURITY] [DLA 2863-1] firefox-esr security update
2021-12-29 14:08:44
[SECURITY] [DSA 5026-1] firefox-esr security update
2021-12-19 15:23:09
[SECURITY] [DSA 5034-1] thunderbird security update
2022-01-02 17:01:50
ibm
ibm
gentoo
gentoo
Mozilla Firefox: Multiple vulnerabilities
2022-02-21 00:00:00
Mozilla Thunderbird: Multiple Vulnerabilities
2022-08-10 00:00:00