mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
114 lines
4.5 KiB
JSON
114 lines
4.5 KiB
JSON
{
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"data_version": "4.0",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2020-6812",
|
|
"ASSIGNER": "security@mozilla.org",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Mozilla",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Thunderbird",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "68.6",
|
|
"version_affected": "<"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"product_name": "Firefox",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "74",
|
|
"version_affected": "<"
|
|
},
|
|
{
|
|
"version_value": "ESR68.6",
|
|
"version_affected": "<"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"product_name": "Firefox ESR",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "68.6",
|
|
"version_affected": "<"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "The names of AirPods with personally identifiable information were exposed to websites with camera or microphone permission"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://www.mozilla.org/security/advisories/mfsa2020-08/",
|
|
"refsource": "MISC",
|
|
"name": "https://www.mozilla.org/security/advisories/mfsa2020-08/"
|
|
},
|
|
{
|
|
"url": "https://www.mozilla.org/security/advisories/mfsa2020-10/",
|
|
"refsource": "MISC",
|
|
"name": "https://www.mozilla.org/security/advisories/mfsa2020-10/"
|
|
},
|
|
{
|
|
"url": "https://www.mozilla.org/security/advisories/mfsa2020-09/",
|
|
"refsource": "MISC",
|
|
"name": "https://www.mozilla.org/security/advisories/mfsa2020-09/"
|
|
},
|
|
{
|
|
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1616661",
|
|
"refsource": "MISC",
|
|
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1616661"
|
|
},
|
|
{
|
|
"refsource": "UBUNTU",
|
|
"name": "USN-4328-1",
|
|
"url": "https://usn.ubuntu.com/4328-1/"
|
|
},
|
|
{
|
|
"refsource": "UBUNTU",
|
|
"name": "USN-4335-1",
|
|
"url": "https://usn.ubuntu.com/4335-1/"
|
|
}
|
|
]
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "The first time AirPods are connected to an iPhone, they become named after the user's name by default (e.g. Jane Doe's AirPods.) Websites with camera or microphone permission are able to enumerate device names, disclosing the user's name. To resolve this issue, Firefox added a special case that renames devices containing the substring 'AirPods' to simply 'AirPods'. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6."
|
|
}
|
|
]
|
|
}
|
|
} |