8.8
CVE-2021-38500
- EPSS 1.94%
- Veröffentlicht 03.11.2021 01:15:07
- Zuletzt bearbeitet 21.11.2024 06:17:15
- Quelle security@mozilla.org
- Teams Watchlist Login
- Unerledigt Login
Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.15, Thunderbird < 91.2, Firefox ESR < 91.2, Firefox ESR < 78.15, and Firefox < 93.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mozilla ≫ Firefox ESR Version < 78.15
Mozilla ≫ Thunderbird Version < 78.15
Mozilla ≫ Thunderbird Version >= 91.0 < 91.2
Debian ≫ Debian Linux Version9.0
Debian ≫ Debian Linux Version10.0
Debian ≫ Debian Linux Version11.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.94% | 0.828 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|