Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2021-43545HistoryDec 08, 2021 - 10:15 p.m.
CVE-2021-43545
2021-12-0822:15:00
Debian Security Bug Tracker
security-tracker.debian.org
22
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.003 Low
EPSS
Percentile
67.8%
Using the Location API in a loop could have caused severe application hangs and crashes. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 999 | all | firefox | < 95.0-1 | firefox_95.0-1_all.deb |
| Debian | 12 | all | firefox-esr | < 91.4.0esr-1 | firefox-esr_91.4.0esr-1_all.deb |
| Debian | 11 | all | firefox-esr | < 91.4.1esr-1~deb11u1 | firefox-esr_91.4.1esr-1~deb11u1_all.deb |
| Debian | 10 | all | firefox-esr | < 91.4.0esr-1 | firefox-esr_91.4.0esr-1_all.deb |
| Debian | 999 | all | firefox-esr | < 91.4.0esr-1 | firefox-esr_91.4.0esr-1_all.deb |
| Debian | 13 | all | firefox-esr | < 91.4.0esr-1 | firefox-esr_91.4.0esr-1_all.deb |
| Debian | 12 | all | thunderbird | < 1:91.4.0-1 | thunderbird_1:91.4.0-1_all.deb |
| Debian | 11 | all | thunderbird | < 1:91.4.1-1~deb11u1 | thunderbird_1:91.4.1-1~deb11u1_all.deb |
| Debian | 10 | all | thunderbird | < 1:91.4.1-1~deb10u1 | thunderbird_1:91.4.1-1~deb10u1_all.deb |
| Debian | 999 | all | thunderbird | < 1:91.4.0-1 | thunderbird_1:91.4.0-1_all.deb |
Related
veracode
veracode
Denial Of Service (DoS)
2021-12-10 07:39:17
prion
prion
Design/Logic Flaw
2021-12-08 22:15:00
cve
cve
CVE-2021-43545
2021-12-08 22:15:00
alpinelinux
alpinelinux
CVE-2021-43545
2021-12-08 22:15:00
ubuntucve
ubuntucve
CVE-2021-43545
2021-12-08 00:00:00
redhatcve
redhatcve
CVE-2021-43545
2021-12-08 02:49:50
nessus
nessus
Scientific Linux Security Update : firefox on SL7.x i686/x86_64 (2021:5014)
2021-12-08 00:00:00
openSUSE 15 Security Update : MozillaFirefox (openSUSE-SU-2021:1575-1)
2021-12-17 00:00:00
SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2021:14859-1)
2021-12-11 00:00:00
suse
suse
Security update for MozillaFirefox (important)
2021-12-10 00:00:00
Security update for MozillaFirefox (important)
2021-12-12 00:00:00
Security update for MozillaThunderbird (important)
2021-12-29 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2021:4000-1)
2021-12-13 00:00:00
Mozilla Firefox ESR Security Advisory (MFSA2021-53) - Windows
2021-12-12 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:3995-1)
2021-12-11 00:00:00
oraclelinux
oraclelinux
firefox security update
2021-12-08 00:00:00
firefox security update
2021-12-09 00:00:00
thunderbird security update
2021-12-10 00:00:00
osv
osv
Important: firefox security update
2021-12-08 09:42:58
firefox vulnerabilities
2021-12-09 18:55:33
Important: thunderbird security update
2021-12-09 12:14:59
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 91.4.0-alt1
2021-12-14 00:00:00
Security fix for the ALT Linux 10 package thunderbird version 91.4.0-alt1
2021-12-21 00:00:00
almalinux
almalinux
Important: firefox security update
2021-12-08 09:42:58
Important: thunderbird security update
2021-12-09 12:14:59
ubuntu
ubuntu
Firefox regressions
2021-12-20 00:00:00
Firefox vulnerabilities
2021-12-09 00:00:00
Thunderbird vulnerabilities
2022-01-21 00:00:00
archlinux
archlinux
[ASA-202112-9] thunderbird: multiple issues
2021-12-11 00:00:00
[ASA-202112-8] firefox: multiple issues
2021-12-11 00:00:00
redhat
redhat
(RHSA-2021:5014) Important: firefox security update
2021-12-08 09:42:59
(RHSA-2021:5013) Important: firefox security update
2021-12-08 09:42:58
(RHSA-2021:5016) Important: firefox security update
2021-12-08 09:44:25
rocky
rocky
firefox security update
2021-12-08 09:42:58
thunderbird security update
2021-12-09 12:14:59
centos
centos
firefox security update
2021-12-14 00:04:22
kaspersky
kaspersky
KLA12375 Multiple vulnerabilities in Mozilla Firefox ESR
2021-12-07 00:00:00
KLA12376 Multiple vulnerabilities in Mozilla Thunderbird
2021-12-07 00:00:00
KLA12374 Multiple vulnerabilities in Mozilla Firefox
2021-12-07 00:00:00
mageia
mageia
Updated firefox packages fix security vulnerability
2021-12-11 01:19:07
Updated thunderbird packages fix security vulnerability
2021-12-11 01:19:07
mozilla
mozilla
Security Vulnerabilities fixed in Firefox ESR 91.4.0 — Mozilla
2021-12-07 00:00:00
Security Vulnerabilities fixed in Thunderbird 91.4.0 — Mozilla
2021-12-07 00:00:00
Security Vulnerabilities fixed in Firefox 95 — Mozilla
2021-12-07 00:00:00
debian
debian
[SECURITY] [DLA 2863-1] firefox-esr security update
2021-12-29 14:08:44
[SECURITY] [DSA 5026-1] firefox-esr security update
2021-12-19 15:23:09
[SECURITY] [DLA 2874-1] thunderbird security update
2022-01-04 10:10:10
ibm
ibm
gentoo
gentoo
Mozilla Firefox: Multiple vulnerabilities
2022-02-21 00:00:00
Mozilla Thunderbird: Multiple Vulnerabilities
2022-08-10 00:00:00
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.003 Low
EPSS
Percentile
67.8%
Related for DEBIANCVE:CVE-2021-43545