VDB

CVE-2021-23957

CVE-2021-23957 PUBLISHED

Reported by mozilla · Published February 26, 2021

Navigations through the Android-specific `intent` URL scheme could have been misused to escape iframe sandbox. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 85.

Affected Products

VendorProductVersions
MozillaFirefox< 85
alpinefirefox0, 0, 0
MozillaFirefox< 85
alpinelibrewolf0, 0, 0

Timeline

  • Feb 26, 2021 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Feb 28, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • May 1, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score
  • Nov 6, 2022 EPSS Score

References

  • x_refsource_MISC
  • x_refsource_MISC
Open in Interactive Console →
$ Console Community · 100/wk Open console ›