CVE-2021-38506

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-38506

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-38506.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-38506

Downstream

DEBIAN-CVE-2021-38506

DLA-2863-1

DLA-2874-1

DSA-5026-1

DSA-5034-1

OESA-2023-1673

OESA-2023-1674

RHSA-2021:4116

RHSA-2021:4123

RHSA-2021:4130

RHSA-2021:4132

RHSA-2021:4133

RHSA-2021:4134

RHSA-2021:4605

RHSA-2021:4607

SUSE-SU-2021:3651-1

SUSE-SU-2021:3721-1

SUSE-SU-2021:3745-1

SUSE-SU-2021:4150-1

UBUNTU-CVE-2021-38506

USN-5131-1

USN-5248-1

openSUSE-SU-2021:1635-1

openSUSE-SU-2021:3745-1

openSUSE-SU-2021:4150-1

openSUSE-SU-2024:11607-1

openSUSE-SU-2024:11614-1

openSUSE-SU-2024:14572-1

Related

Published

2021-12-08T22:15:08Z

Modified

2025-08-09T20:01:25Z

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.

References

Affected packages