Thursday, March 4, 2021

Oracle Linux: (CVE-2021-23968) (Multiple Advisories): thunderbird security update

Description
If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation report; as opposed to the original frame URI. This could be used to leak sensitive information contained in such URIs. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8.
Solution(s)
  • oracle-linux-upgrade-firefox
  • oracle-linux-upgrade-thunderbird


  • References
  • ELSA-2021-0657
  • CVE-2021-23968




  •  

    Copyright © 2020 Cyber Details - Vulnerability Database™

    Thanks for everything Templateism - You should have written the code a little more complicated