AVG-2351 log

Package firefox
Status Not affected
Severity Medium
Type multiple issues
Affected 91.0.2-1
Fixed 92.0-1
Current 133.0.3-2 [extra]
Ticket None
Created Thu Sep 9 12:02:18 2021
Issue Severity Remote Type Description
CVE-2021-38492 Medium Yes Arbitrary command execution
When delegating navigations to the operating system, Firefox before version 91.1 and Thunderbird before version 78.14 would accept the `mk` scheme which...
CVE-2021-29993 Medium Yes Content spoofing
Firefox for Android allowed navigations through the `intent://` protocol, which could be used to cause crashes and UI spoofs.  This bug only affects Firefox...