Lucene search

K
alpinelinuxAlpine Linux Development TeamALPINE:CVE-2020-35111
HistoryJan 07, 2021 - 2:15 p.m.

CVE-2020-35111

2021-01-0714:15:00
Alpine Linux Development Team
security.alpinelinux.org
22

0.001 Low

EPSS

Percentile

41.8%

When an extension with the proxy permission registered to receive <all_urls>, the proxy.onRequest callback was not triggered for view-source URLs. While web content cannot navigate to such URLs, a user opening View Source could have inadvertently leaked their IP address. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6.