Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, conduct spoofing attacks, bypass CSP restrictions, or execute arbitrary code. (CVE-2021-43536, CVE-2021-43537, CVE-2021-43538, CVE-2021-43539, CVE-2021-43541, CVE-2021-43542, CVE-2021-43543, CVE-2021-43545, CVE-2021-43546)
A security issue was discovered with the handling of WebExtension permissions. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to create and install a service worker that wouldn't be uninstalled with the extension. (CVE-2021-43540)
{ "binaries": [ { "binary_version": "95.0+build1-0ubuntu0.18.04.1", "binary_name": "firefox" }, { "binary_version": "95.0+build1-0ubuntu0.18.04.1", "binary_name": "firefox-dev" }, { "binary_version": "95.0+build1-0ubuntu0.18.04.1", "binary_name": "firefox-geckodriver" }, { "binary_version": "95.0+build1-0ubuntu0.18.04.1", "binary_name": "firefox-mozsymbols" } ], "availability": "No subscription required" }
{ "binaries": [ { "binary_version": "95.0+build1-0ubuntu0.20.04.1", "binary_name": "firefox" }, { "binary_version": "95.0+build1-0ubuntu0.20.04.1", "binary_name": "firefox-dev" }, { "binary_version": "95.0+build1-0ubuntu0.20.04.1", "binary_name": "firefox-geckodriver" }, { "binary_version": "95.0+build1-0ubuntu0.20.04.1", "binary_name": "firefox-mozsymbols" } ], "availability": "No subscription required" }