VDB

DEBIAN-CVE-2021-23999

DEBIAN-CVE-2021-23999 PUBLISHED CVSS 8.800000190734863 HIGH

If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.

Risk Scores

CVSS 3.1
8.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Debian:11thunderbird0, 0, 0
Debian:14firefox-esr0, 0, 0
Debian:14thunderbird0, 0, 0
Debian:12thunderbird0, 0, 0
Debian:13thunderbird0, 0, 0
Debian:12firefox-esr0, 0, 0
Debian:11firefox-esr0, 0, 0
Debian:13firefox-esr0, 0, 0

Timeline

  • Jun 24, 2021 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›