AVG-2149 log

Package firefox
Status Not affected
Severity High
Type multiple issues
Affected 89.0.2-1
Fixed 90.0-1
Current 128.0-1 [extra]
Ticket None
Created Tue Jul 13 15:34:39 2021
Issue Severity Remote Type Description
CVE-2021-29973 Medium Yes Information disclosure
Password autofill was enabled without user interaction on insecure websites on Firefox for Android. This was corrected to require user interaction with the...
CVE-2021-29971 High Yes Access restriction bypass
If a user had granted a permission to a webpage and saved that grant, any webpage running on the same host - irrespective of scheme or port - would be...