Information Disclosure

2021-03-2501:22:42

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.003 Low

EPSS

Percentile

70.0%

JSON

firefox is vulnerable to information disclosure. The vulnerability exists due to the Devtools remote debugging feature which could be enabled in a way that was unnoticable to the user, which allow an attacker to make direct network connection to the victim to monitor the user’s browsing activity and plaintext network traffic.

CPENameOperatorVersion
firefox:sideq83.0-1
firefox:sideq81.0-2
firefox:sideq82.0.3-1
firefox:bioniceq83.0+build2-0ubuntu0.18.04.2
firefox:bioniceq80.0+build2-0ubuntu0.18.04.1
firefox:bioniceq80.0.1+build1-0ubuntu0.18.04.1
firefox:bioniceq59.0.2+build1-0ubuntu1
firefox:focaleq80.0.1+build1-0ubuntu0.20.04.1
firefox:focaleq83.0+build2-0ubuntu0.20.04.1
firefox:focaleq80.0+build2-0ubuntu0.20.04.1

Name	Operator	Version
firefox:sid	eq	83.0-1
firefox:sid	eq	81.0-2
firefox:sid	eq	82.0.3-1
firefox:bionic	eq	83.0+build2-0ubuntu0.18.04.2
firefox:bionic	eq	80.0+build2-0ubuntu0.18.04.1
firefox:bionic	eq	80.0.1+build1-0ubuntu0.18.04.1
firefox:bionic	eq	59.0.2+build1-0ubuntu1
firefox:focal	eq	80.0.1+build1-0ubuntu0.20.04.1
firefox:focal	eq	83.0+build2-0ubuntu0.20.04.1
firefox:focal	eq	80.0+build2-0ubuntu0.20.04.1