CVE-2021-38510 - log back

CVE-2021-38510 edited at 03 Nov 2021 16:46:26
References
- https://www.mozilla.org/security/advisories/mfsa2021-48/.
+ https://www.mozilla.org/security/advisories/mfsa2021-48/
https://www.mozilla.org/security/advisories/mfsa2021-50/
https://bugzilla.mozilla.org/show_bug.cgi?id=1731779
CVE-2021-38510 edited at 03 Nov 2021 16:46:06
Description
- The executable file warning was not presented when downloading .inetloc files, which, due to a flaw in Mac OS, can run commands on a user's computer.
+ A security issue has been found in Firefox before version 94 and Thunderbird before version 91.3. The executable file warning was not presented when downloading .inetloc files, which, due to a flaw in Mac OS, can run commands on a user's computer.
Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.
References
- https://www.mozilla.org/security/advisories/mfsa2021-48/
+ https://www.mozilla.org/security/advisories/mfsa2021-48/.
+ https://www.mozilla.org/security/advisories/mfsa2021-50/
https://bugzilla.mozilla.org/show_bug.cgi?id=1731779
CVE-2021-38510 created at 02 Nov 2021 13:16:46
Severity
+ Medium
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ The executable file warning was not presented when downloading .inetloc files, which, due to a flaw in Mac OS, can run commands on a user's computer.
+
+ Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.
References
+ https://www.mozilla.org/security/advisories/mfsa2021-48/
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1731779
Notes