CVE-2020-15671

EUVD-2020-7658
When typing in a password under certain conditions, a race may have occured where the InputContext was not being correctly set for the input field, resulting in the typed password being saved to the keyboard dictionary. This vulnerability affects Firefox for Android < 80.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.1 LOW
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
Debian logo
Debian Releases
Debian Product
Codename
firefox
sid
132.0.1-1
fixed
Common Weakness Enumeration
References
https://bugzilla.mozilla.org/show_bug.cgi?id=1653862
https://www.mozilla.org/security/advisories/mfsa2020-39/
https://bugzilla.mozilla.org/show_bug.cgi?id=1653862
https://www.mozilla.org/security/advisories/mfsa2020-39/