VDB
DEBIAN-CVE-2021-38506
DEBIAN-CVE-2021-38506
PUBLISHED
CVSS 4.300000190734863 MEDIUM
Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.
Risk Scores
CVSS v3.1
4.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | thunderbird | 1:78.14.0-1~deb9u1, 78.14.0-1, 78.14.0-1 |
| Debian:12 | firefox-esr | 0, 0, 0 |
| Debian:13 | firefox-esr | 0, 0, 0 |
| Debian:11 | firefox-esr | 91.3.0esr-2, *, * |
| Debian:13 | thunderbird | 0, 0, 0 |
| Debian:14 | firefox-esr | 0, 0, 0 |
| Debian:12 | thunderbird | 0, 0, 0 |
| Debian:14 | thunderbird | 0, 0, 0 |
Timeline
- Dec 8, 2021 CVE Published
- Apr 28, 2026 CVE Updated