Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass security restrictions, trick the user into disclosing confidential information, or execute arbitrary code. (CVE-2021-23994, CVE-2021-23996, CVE-2021-23997, CVE-2021-23998, CVE-2021-23999, CVE-2021-24000, CVE-2021-24001, CVE-2021-29945, CVE-2021-29946, CVE-2021-29947)
A use-after-free was discovered when Responsive Design Mode was enabled. If a user were tricked into opening a specially crafted website with Responsive Design Mode enabled, an attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. (CVE-2021-23995)
It was discovered that Firefox mishandled ftp URLs with encoded newline characters. If a user were tricked into clicking on a specially crafted link, an attacker could potentially exploit this to send arbitrary FTP commands. (CVE-2021-24002)
{ "binaries": [ { "binary_version": "88.0+build2-0ubuntu0.16.04.1", "binary_name": "firefox" }, { "binary_version": "88.0+build2-0ubuntu0.16.04.1", "binary_name": "firefox-dev" }, { "binary_version": "88.0+build2-0ubuntu0.16.04.1", "binary_name": "firefox-geckodriver" }, { "binary_version": "88.0+build2-0ubuntu0.16.04.1", "binary_name": "firefox-mozsymbols" } ], "availability": "No subscription required" }
{ "ecosystem": "Ubuntu:16.04:LTS", "cves": [ { "id": "CVE-2021-23994", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-23995", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-23996", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-23997", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-23998", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-23999", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-24000", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-24001", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-24002", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-29945", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-29946", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-29947", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] } ] }
{ "binaries": [ { "binary_version": "88.0+build2-0ubuntu0.18.04.2", "binary_name": "firefox" }, { "binary_version": "88.0+build2-0ubuntu0.18.04.2", "binary_name": "firefox-dev" }, { "binary_version": "88.0+build2-0ubuntu0.18.04.2", "binary_name": "firefox-geckodriver" }, { "binary_version": "88.0+build2-0ubuntu0.18.04.2", "binary_name": "firefox-mozsymbols" } ], "availability": "No subscription required" }
{ "ecosystem": "Ubuntu:18.04:LTS", "cves": [ { "id": "CVE-2021-23994", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-23995", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-23996", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-23997", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-23998", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-23999", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-24000", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-24001", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-24002", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-29945", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-29946", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-29947", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] } ] }
{ "binaries": [ { "binary_version": "88.0+build2-0ubuntu0.20.04.1", "binary_name": "firefox" }, { "binary_version": "88.0+build2-0ubuntu0.20.04.1", "binary_name": "firefox-dev" }, { "binary_version": "88.0+build2-0ubuntu0.20.04.1", "binary_name": "firefox-geckodriver" }, { "binary_version": "88.0+build2-0ubuntu0.20.04.1", "binary_name": "firefox-mozsymbols" } ], "availability": "No subscription required" }
{ "ecosystem": "Ubuntu:20.04:LTS", "cves": [ { "id": "CVE-2021-23994", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-23995", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-23996", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-23997", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-23998", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-23999", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-24000", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-24001", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-24002", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-29945", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-29946", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2021-29947", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] } ] }