{"containers": {"cna": {"affected": [{"product": "Firefox", "vendor": "Mozilla", "versions": [{"status": "affected", "version": "< 86"}]}, {"product": "Thunderbird", "vendor": "Mozilla", "versions": [{"status": "affected", "version": "< 78.8"}]}, {"product": "Firefox ESR", "vendor": "Mozilla", "versions": [{"status": "affected", "version": "< 78.8"}]}], "descriptions": [{"lang": "en", "value": "As specified in the W3C Content Security Policy draft, when creating a violation report, \"User agents need to ensure that the source file is the URL requested by the page, pre-redirects. If that\u2019s not possible, user agents need to strip the URL down to an origin to avoid unintentional leakage.\" Under certain types of redirects, Firefox incorrectly set the source file to be the destination of the redirects. This was fixed to be the redirect destination's origin. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8."}], "problemTypes": [{"descriptions": [{"description": "Content Security Policy violation report could have contained the destination of a redirect", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-05-01T01:08:11", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-07/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-09/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-08/"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1542194"}, {"name": "[debian-lts-announce] 20210301 [SECURITY] [DLA 2578-1] thunderbird security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00000.html"}, {"name": "DSA-4866", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2021/dsa-4866"}, {"name": "GLSA-202104-10", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/202104-10"}, {"name": "GLSA-202104-09", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/202104-09"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@mozilla.org", "ID": "CVE-2021-23969", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Firefox", "version": {"version_data": [{"version_value": "< 86"}]}}, {"product_name": "Thunderbird", "version": {"version_data": [{"version_value": "< 78.8"}]}}, {"product_name": "Firefox ESR", "version": {"version_data": [{"version_value": "< 78.8"}]}}]}, "vendor_name": "Mozilla"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "As specified in the W3C Content Security Policy draft, when creating a violation report, \"User agents need to ensure that the source file is the URL requested by the page, pre-redirects. If that\u2019s not possible, user agents need to strip the URL down to an origin to avoid unintentional leakage.\" Under certain types of redirects, Firefox incorrectly set the source file to be the destination of the redirects. This was fixed to be the redirect destination's origin. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Content Security Policy violation report could have contained the destination of a redirect"}]}]}, "references": {"reference_data": [{"name": "https://www.mozilla.org/security/advisories/mfsa2021-07/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-07/"}, {"name": "https://www.mozilla.org/security/advisories/mfsa2021-09/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-09/"}, {"name": "https://www.mozilla.org/security/advisories/mfsa2021-08/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-08/"}, {"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1542194", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1542194"}, {"name": "[debian-lts-announce] 20210301 [SECURITY] [DLA 2578-1] thunderbird security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00000.html"}, {"name": "DSA-4866", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2021/dsa-4866"}, {"name": "GLSA-202104-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202104-10"}, {"name": "GLSA-202104-09", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202104-09"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T19:14:09.977Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-07/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-09/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-08/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1542194"}, {"name": "[debian-lts-announce] 20210301 [SECURITY] [DLA 2578-1] thunderbird security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00000.html"}, {"name": "DSA-4866", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2021/dsa-4866"}, {"name": "GLSA-202104-10", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/202104-10"}, {"name": "GLSA-202104-09", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/202104-09"}]}]}, "cveMetadata": {"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2021-23969", "datePublished": "2021-02-26T01:57:45", "dateReserved": "2021-01-13T00:00:00", "dateUpdated": "2024-08-03T19:14:09.977Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "89580DC6-183F-46F0-A27E-4E16D6B10EB6", "versionEndExcluding": "86.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "matchCriteriaId": "6A523AED-F145-4D51-BF78-95B61B8A0B34", "versionEndExcluding": "78.8", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "3ABA16AF-38C2-4445-B41F-9228C97A89C1", "versionEndExcluding": "78.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "As specified in the W3C Content Security Policy draft, when creating a violation report, \"User agents need to ensure that the source file is the URL requested by the page, pre-redirects. If that\u2019s not possible, user agents need to strip the URL down to an origin to avoid unintentional leakage.\" Under certain types of redirects, Firefox incorrectly set the source file to be the destination of the redirects. This was fixed to be the redirect destination's origin. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8."}, {"lang": "es", "value": "Como se especifica en el borrador de la Pol\u00edtica de Seguridad de Contenido W3C, cuando se crea un informe de infracci\u00f3n, \"Los agentes de usuario necesitan asegurar que el archivo de origen sea la URL solicitada por la p\u00e1gina, redireccionamientos previos. Si eso no es posible, los agentes de usuario deben reducir la URL a un origen para evitar fugas involuntarias\". Bajo determinados tipos de redireccionamientos, Firefox ajust\u00f3 incorrectamente el archivo de origen como el destino de los redireccionamientos.&#xa0;Se corrigi\u00f3 que este fuera el origen del destino de redireccionamiento.&#xa0;Esta vulnerabilidad afecta a Firefox versiones anteriores a 86, Thunderbird versiones anteriores a 78,8 y Firefox ESR versiones anteriores a 78,8"}], "id": "CVE-2021-23969", "lastModified": "2024-11-21T05:52:07.350", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-02-26T02:15:12.947", "references": [{"source": "security@mozilla.org", "tags": ["Issue Tracking", "Permissions Required", "Vendor Advisory"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1542194"}, {"source": "security@mozilla.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00000.html"}, {"source": "security@mozilla.org", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202104-09"}, {"source": "security@mozilla.org", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202104-10"}, {"source": "security@mozilla.org", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2021/dsa-4866"}, {"source": "security@mozilla.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-07/"}, {"source": "security@mozilla.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-08/"}, {"source": "security@mozilla.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-09/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Permissions Required", "Vendor Advisory"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1542194"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00000.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202104-09"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202104-10"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2021/dsa-4866"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-07/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-08/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-09/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Masato Kinugawa as the original reporter.", "affected_release": [{"advisory": "RHSA-2021:0656", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "firefox-0:78.8.0-1.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2021-02-24T00:00:00Z"}, {"advisory": "RHSA-2021:0661", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "thunderbird-0:78.8.0-1.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2021-02-24T00:00:00Z"}, {"advisory": "RHSA-2021:0655", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "firefox-0:78.8.0-1.el8_3", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-02-24T00:00:00Z"}, {"advisory": "RHSA-2021:0657", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "thunderbird-0:78.8.0-1.el8_3", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-02-24T00:00:00Z"}, {"advisory": "RHSA-2021:0658", "cpe": "cpe:/a:redhat:rhel_eus:8.1", "package": "thunderbird-0:78.8.0-1.el8_1", "product_name": "Red Hat Enterprise Linux 8.1 Extended Update Support", "release_date": "2021-02-24T00:00:00Z"}, {"advisory": "RHSA-2021:0659", "cpe": "cpe:/a:redhat:rhel_eus:8.1", "package": "firefox-0:78.8.0-1.el8_1", "product_name": "Red Hat Enterprise Linux 8.1 Extended Update Support", "release_date": "2021-02-24T00:00:00Z"}, {"advisory": "RHSA-2021:0660", "cpe": "cpe:/a:redhat:rhel_eus:8.2", "package": "firefox-0:78.8.0-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Extended Update Support", "release_date": "2021-02-24T00:00:00Z"}, {"advisory": "RHSA-2021:0662", "cpe": "cpe:/a:redhat:rhel_eus:8.2", "package": "thunderbird-0:78.8.0-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Extended Update Support", "release_date": "2021-02-24T00:00:00Z"}], "bugzilla": {"description": "Mozilla: Content Security Policy violation report could have contained the destination of a redirect", "id": "1932109", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1932109"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "status": "verified"}, "cwe": "CWE-200", "details": ["As specified in the W3C Content Security Policy draft, when creating a violation report, \"User agents need to ensure that the source file is the URL requested by the page, pre-redirects. If that\u2019s not possible, user agents need to strip the URL down to an origin to avoid unintentional leakage.\" Under certain types of redirects, Firefox incorrectly set the source file to be the destination of the redirects. This was fixed to be the redirect destination's origin. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8."], "name": "CVE-2021-23969", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2021-02-23T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-23969\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-23969\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2021-08/#CVE-2021-23969"], "threat_severity": "Important"}