VDB

DEBIAN-CVE-2021-43538

DEBIAN-CVE-2021-43538 PUBLISHED CVSS 4.300000190734863 MEDIUM

By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for spoofing attacks. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.

Risk Scores

CVSS 3.1
4.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Affected Products

VendorProductVersions
Debian:12firefox-esr0, 0, 0
Debian:13thunderbird0, 0, 0
Debian:11firefox-esr78.14.0esr-1~deb10u1, 91.4.0esr-1, 91.4.1esr-1~deb9u1
Debian:12thunderbird0, 0, 0
Debian:14thunderbird0, 0, 0
Debian:14firefox-esr0, 0, 0
Debian:11thunderbird*, *, 0
Debian:13firefox-esr0, 0, 0

Exploit Intelligence

Timeline

  • Dec 8, 2021 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›