mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
100 lines
3.7 KiB
JSON
100 lines
3.7 KiB
JSON
{
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"data_version": "4.0",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2021-23995",
|
|
"ASSIGNER": "security@mozilla.org",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Mozilla",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Firefox ESR",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "78.10",
|
|
"version_affected": "<"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"product_name": "Thunderbird",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "78.10",
|
|
"version_affected": "<"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"product_name": "Firefox",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "88",
|
|
"version_affected": "<"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Use-after-free in Responsive Design Mode"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://www.mozilla.org/security/advisories/mfsa2021-14/",
|
|
"refsource": "MISC",
|
|
"name": "https://www.mozilla.org/security/advisories/mfsa2021-14/"
|
|
},
|
|
{
|
|
"url": "https://www.mozilla.org/security/advisories/mfsa2021-16/",
|
|
"refsource": "MISC",
|
|
"name": "https://www.mozilla.org/security/advisories/mfsa2021-16/"
|
|
},
|
|
{
|
|
"url": "https://www.mozilla.org/security/advisories/mfsa2021-15/",
|
|
"refsource": "MISC",
|
|
"name": "https://www.mozilla.org/security/advisories/mfsa2021-15/"
|
|
},
|
|
{
|
|
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1699835",
|
|
"refsource": "MISC",
|
|
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1699835"
|
|
}
|
|
]
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88."
|
|
}
|
|
]
|
|
}
|
|
} |