Astra Linux – Vulnerability in Firefox and Thunderbird

When reusing existing popups, Firefox would have allowed them to cover the fullscreen notification UI, which could have enabled browser spoofing attacks. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100...

Astra Linux – Vulnerability in Firefox

A website could have obscured the fullscreen notification by using an option element, introducing a delay through a costly computational process. This could have caused confusion among users and potentially led to spoofing attacks. This vulnerability affects Firefox versions earlier than 115...

Astra Linux – Vulnerability in Firefox and Thunderbird

By misusing a race in our notification code, an attacker could have forcibly hide notifications for pages that had received full-screen and pointer-lock access, which could have been used for spoofing attacks. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...

SUSE CVE-2024-7518

Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This vulnerability affects Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1...

SUSE CVE-2023-6870

Applications which spawn a Toast notification in a background thread may have obscured fullscreen notifications displayed by Firefox. This issue only affects Android versions of Firefox and Firefox Focus. This vulnerability affects Firefox 121...

Mozilla: Fullscreen notification obscured

The Mozilla Foundation Security Advisory describes this flaw as: A website could have obscured the fullscreen notification by using a combination of window.open, fullscreen requests, window.name assignments, and setInterval calls. This could have led to user confusion and possible spoofing attack...