Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-23969

EPSS 0.76% · P73
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-23969

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
As specified in the W3C Content Security Policy draft, when creating a violation report, "User agents need to ensure that the source file is the URL requested by the page, pre-redirects. If that’s not possible, user agents need to strip the URL down to an origin to avoid unintentional leakage." Under certain types of redirects, Firefox incorrectly set the source file to be the destination of the redirects. This was fixed to be the redirect destination's origin. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Mozilla Thunderbird 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Mozilla Thunderbird是美国Mozilla基金会的一套从Mozilla Application Suite独立出来的电子邮件客户端软件。该软件支持IMAP、POP邮件协议以及HTML邮件格式。 Mozilla Thunderbird 78.8 之前版本中存在安全漏洞。目前尚无此漏洞的相关信息,请随时关注CNNVD或厂商公告。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
MozillaFirefox < 86 -
MozillaThunderbird < 78.8 -
MozillaFirefox ESR < 78.8 -

II. Public POCs for CVE-2021-23969

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2021-23969

登录查看更多情报信息。

Same Patch Batch · Mozilla · 2021-02-26 · 25 CVEs total

CVE-2021-23959Mozilla Firefox 跨站脚本漏洞
CVE-2021-23976Mozilla Firefox 安全漏洞
CVE-2021-23975Mozilla Firefox 安全漏洞
CVE-2021-23974Mozilla Firefox 安全漏洞
CVE-2021-23973Mozilla Thunderbird 安全漏洞
CVE-2021-23972Mozilla Firefox 安全漏洞
CVE-2021-23971Mozilla Firefox 安全漏洞
CVE-2021-23970Mozilla Firefox 安全漏洞
CVE-2021-23968Mozilla Thunderbird 安全漏洞
CVE-2021-23962Mozilla Firefox 安全漏洞
CVE-2021-23961Mozilla Firefox 安全漏洞
CVE-2021-23960Mozilla Firefox 安全漏洞
CVE-2021-23964Mozilla Firefox 缓冲区错误漏洞
CVE-2021-23958Mozilla Firefox 信息泄露漏洞
CVE-2021-23957Mozilla Firefox 安全漏洞
CVE-2021-23956Mozilla Firefox 安全漏洞
CVE-2021-23955Mozilla Firefox 安全漏洞
CVE-2021-23954Mozilla Firefox 安全漏洞
CVE-2021-23953Mozilla Firefox 安全漏洞
CVE-2021-23963Mozilla Firefox 安全漏洞

Showing top 20 of 25 CVEs. View all on vendor page &rarr; →

IV. Related Vulnerabilities

Same product: Firefox
Same vendor: Mozilla

V. Comments for CVE-2021-23969

No comments yet

Leave a comment