mozilla
/
foundation-security-advisories
зеркало из https://github.com/mozilla/foundation-security-advisories.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Add a missing bug to the advisory

This commit is contained in:
Tom Ritter 2022-02-18 09:42:05 -05:00
Родитель 363aed139a
Коммит f86029c3f3
1 изменённых файлов: 10 добавлений и 2 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

8
announce/2021/mfsa2021-38.yml
Просмотреть файл

@ -31,6 +31,14 @@ advisories:
<br>*This bug only affects Firefox for Windows. Other operating systems are unaffected.* <br>*This bug only affects Firefox for Windows. Other operating systems are unaffected.*
bugs: bugs:
- url: 1721107 - url: 1721107
CVE-2021-4221:
title: Address bar spoofing on Firefox for Android due to RTL characters
impact: moderate
reporter: Rohan Sharma
description: |
If a domain name contained a RTL character, it would cause the domain to be rendered to the right of the path. This could lead to user confusion and spoofing attacks. <br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*<br>*Note*: Due to a clerical error this advisory was not included in the original announcement, and was added in Feburary 2022.
bugs:
- url: 1704422
CVE-2021-38493: CVE-2021-38493:
title: Memory safety bugs fixed in Firefox 92, Firefox ESR 78.14 and Firefox ESR 91.1 title: Memory safety bugs fixed in Firefox 92, Firefox ESR 78.14 and Firefox ESR 91.1
impact: high impact: high