firefox-esr: Multiple vulnerabilities (CVE-2021-23953, CVE-2021-23954, CVE-2021-23960, CVE-2021-23964, CVE-2020-26976)ID: oval:org.secpod.oval:def:1801867 | Date: (C)2021-03-15 (M)2022-10-21 |
Class: PATCH | Family: unix |
CVE-2021-23953: Cross-origin information leakage via redirected PDF requests, CVE-2021-23954: Type confusion when using logical assignment operators in JavaScript switch statements, CVE-2021-23960: Use-after-poison for incorrectly redeclared JavaScript variables during GC, CVE-2021-23964: Memory safety bugs, CVE-2020-26976: HTTPS pages could have been intercepted by a registered service worker when they should not have been.
Platform: |
Alpine Linux 3.13 |