CVE-2021-29987
17.08.2021, 20:15
After requesting multiple permissions, and closing the first permission panel, subsequent permission panels will be displayed in a different position but still record a click in the default location, making it possible to trick a user into accepting a permission they did not want to. *This bug only affects Firefox on Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox < 91 and Thunderbird < 91.Enginsight
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 𝑥 < 91.0 |
| mozilla | thunderbird | 𝑥 < 91.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| firefox |
| ||||||||||||||||||||||
| mozjs38 |
| ||||||||||||||||||||||
| mozjs52 |
| ||||||||||||||||||||||
| mozjs68 |
| ||||||||||||||||||||||
| mozjs78 |
| ||||||||||||||||||||||
| thunderbird |
|
References