CVE-2021-43538

Source
https://nvd.nist.gov/vuln/detail/CVE-2021-43538
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-43538.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-43538
Downstream
Related
Published
2021-12-08T22:15:09Z
Modified
2025-08-09T20:01:26Z
Severity
  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVSS Calculator
Summary
[none]
Details

By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for spoofing attacks. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.

References

Affected packages