Vulnerability Summary for the Week of March 1, 2021

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities corresponds to the following scores:

• High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0
• Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9
• Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9

Entries may include additional information provided by organizations and efforts sponsored by Ug-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of Ug-CERT analysis.

High Vulnerabilities

| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| accellion -- fta | Accellion FTA 9_12_432 and earlier is affected by argument injection via a crafted POST request to an admin endpoint. The fixed version is FTA_9_12_444 and later. | 2021-03-02 | 7.5 | CVE-2021-27730 MISC |
| apache -- tomcat | The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0 to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9494. Note that both the previously published prerequisites for CVE-2020-9484 and the previously published mitigations for CVE-2020-9484 also apply to this issue. | 2021-03-01 | 7.5 | CVE-2021-25329 MLIST MLIST CONFIRM MLIST MLIST MLIST MLIST |
| bam_project -- bam | An issue was discovered in the bam crate before 0.1.3 for Rust. There is an integer underflow and out-of-bounds write during the loading of a bgzip block. | 2021-03-05 | 7.5 | CVE-2021-28027 MISC |
| bittacora -- bpanel | In bPanel 2.0, the administrative ajax endpoints (aka ajax/aj_*.php) are accessible without authentication and allow SQL injections, which could lead to platform compromise. | 2021-03-02 | 7.5 | CVE-2020-28657 MISC |
| byte_struct_project -- byte_struct | An issue was discovered in the byte_struct crate before 0.6.1 for Rust. There can be a drop of uninitialized memory if a certain deserialization method panics. | 2021-03-05 | 7.5 | CVE-2021-28033 MISC |
| doctor_appointment_system_project -- doctor_appointment_system | SQL injection in admin.php in doctor appointment system 1.0 allows an unauthenticated attacker to insert malicious SQL queries via username parameter at login page. | 2021-03-05 | 7.5 | CVE-2021-27314 MISC |
| eprints -- eprints | EPrints 3.4.2 allows remote attackers to read arbitrary files and possibly execute commands via crafted JSON/XML input to a cgi/ajax/phrase URI. | 2021-03-01 | 7.5 | CVE-2021-26703 CONFIRM CONFIRM MISC |
| eprints -- eprints | EPrints 3.4.2 allows remote attackers to execute OS commands via crafted LaTeX input to a cgi/cal?year= URI. | 2021-03-01 | 7.5 | CVE-2021-26476 CONFIRM MISC |
| fireblink -- object-collider | Prototype pollution vulnerability in 'object-collider' versions 1.0.0 through 1.0.3 allows attacker to cause a denial of service and may lead to remote code execution. | 2021-03-01 | 7.5 | CVE-2021-25914 MISC MISC |
| -- android | In performance driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05466547. | 2021-02-26 | 7.2 | CVE-2021-0405 MISC |
| google -- android | In , there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05433311. | 2021-02-26 | 7.2 | CVE-2021-0402 MISC |
| google -- android | In cameraisp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05471418. | 2021-02-26 | 7.2 | CVE-2021-0406 MISC |
| internment_project -- internment | An issue was discovered in the internment crate before 0.4.2 for Rust. There is a data race that can cause memory corruption because of the unconditional implementation of Sync for Intern. | 2021-03-05 | 7.5 | CVE-2021-28037 MISC |
| isida -- retriever | LMA ISIDA Retriever 5.2 allows SQL Injection. | 2021-02-26 | 7.5 | CVE-2021-26904 MISC MISC |
| jpeg -- jpeg_xl | JPEG XL (aka jpeg-xl) through 0.3.2 allows writable memory corruption. | 2021-03-02 | 7.5 | CVE-2021-27804 MISC FULLDISC MISC MISC |
| onlyoffice -- document_server | An improper binary stream data handling issue was found in the [core] module of ONLYOFFICE DocumentServer v4.0.0-9-v5.6.3. Using this bug, an attacker is able to produce a denial of service attack that can eventually shut down the target server. | 2021-03-01 | 7.8 | CVE-2021-25829 MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC |
| qcubed -- qcubed | A SQL injection vulnerability in qcubed (all versions including 3.1.1) in profile.php via the strQuery parameter allows an unauthenticated attacker to access the database by injecting SQL code via a crafted POST request. | 2021-03-04 | 7.5 | CVE-2020-24913 MISC MISC MISC |
| saltstack -- salt | An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py. | 2021-02-27 | 7.5 | CVE-2021-3148 MISC FEDORA FEDORA CONFIRM |
| saltstack -- salt | An issue was discovered in SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks. | 2021-02-27 | 7.5 | CVE-2021-25283 MISC FEDORA FEDORA CONFIRM |
| saltstack -- salt | An issue was discovered in SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheel_async client. Thus, an attacker can remotely run any wheel modules on the master. | 2021-02-27 | 7.5 | CVE-2021-25281 MISC FEDORA FEDORA CONFIRM MISC |
| saltstack -- salt | An issue was discovered in SaltStack Salt before 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via ssh_options provided in an API request. | 2021-02-27 | 7.5 | CVE-2021-3197 MISC FEDORA FEDORA CONFIRM |
| saltstack -- salt | In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.) | 2021-02-27 | 7.5 | CVE-2021-3144 MISC FEDORA FEDORA CONFIRM |
| scratchpad_project -- scratchpad | An issue was discovered in the scratchpad crate before 1.3.1 for Rust. The move_elements function can have a double-free upon a panic in a user-provided f function. | 2021-03-05 | 7.5 | CVE-2021-28031 MISC |
| scytl -- secure_vote | An issue was discovered in Scytl sVote 2.1. An attacker can inject code that gets executed by creating an election-event and injecting a payload over an event alias, because the application calls Runtime.getRuntime().exec() without validation. | 2021-02-27 | 7.5 | CVE-2019-25022 MISC |
| sercomm -- agcombo_vd625_firmware | SerComm AG Combo VD625 AGSOT_2.1.0 devices allow CRLF injection (for HTTP header injection) in the download function via the Content-Disposition header. | 2021-02-27 | 7.5 | CVE-2021-27132 MISC MISC |
| stack_dst_project -- stack_dst | An issue was discovered in the stack_dst crate before 0.6.1 for Rust. Because of the push_inner behavior, a double free can occur upon a val.clone() panic. | 2021-03-05 | 7.5 | CVE-2021-28034 MISC |
| stack_dst_project -- stack_dst | An issue was discovered in the stack_dst crate before 0.6.1 for Rust. Because of the push_inner behavior, a drop of uninitialized memory can occur upon a val.clone() panic. | 2021-03-05 | 7.5 | CVE-2021-28035 MISC |
| toodee_project -- toodee | An issue was discovered in the toodee crate before 0.3.0 for Rust. Row insertion can cause a double free upon an iterator panic. | 2021-03-05 | 7.5 | CVE-2021-28028 MISC |
| totaljs -- total.js | The package total.js before 3.4.8 is vulnerable to Remote Code Execution (RCE) via set. | 2021-03-04 | 7.5 | CVE-2021-23344 MISC MISC |
| visualware -- myconnection_server | An issue was discovered in Visualware MyConnection Server through 11.0b build 5382. Unauthenticated Remote Code Execution can occur via Arbitrary File Upload in the web service when using a myspeed/sf?filename= URI. This application is written in Java and is thus cross-platform. The Windows installation runs as SYSTEM, which means that exploitation gives one Administrator privileges on the target system. | 2021-02-26 | 10 | CVE-2021-27198 MISC MISC MISC MISC |

Medium Vulnerabilities CVS Source & Primary Publishe S Description Patch Vendor -- Product d Scor Info e

The vulnerabilities can be exploited to cause the web visualization component of the PLC to stop and not respond, leading to genuine users losing CVE- remote visibility of the PLC state. If a user 2020- attempts to login to the PLC while this 2021-02- abb -- pm554_firmware 5 24686 vulnerability is exploited, the PLC will show an 26 CONFIR error state and refuse connections to Automation M Builder. The execution of the PLC application is not affected by this vulnerability. This issue affects ABB AC500 V2 products with onboard Ethernet.

Accellion FTA 9_12_432 and earlier is affected by CVE- stored XSS via a crafted POST request to a user 2021-03- 2021- accellion -- fta 4.3 endpoint. The fixed version is FTA_9_12_444 and 02 27731 later. MISC

aiohttp is an asynchronous HTTP client/server CVE- framework for asyncio and Python. In aiohttp 2021- before version 3.7.4 there is an open redirect 21330 vulnerability. A maliciously crafted link to an 2021-02- MISC aiohttp_project -- aiohttp aiohttp-based web-server could redirect the 5.8 26 MISC browser to a different website. It is caused by a CONFIR bug in the M `aiohttp.web_middlewares.normalize_path_middle FEDORA ware` middleware. This security problem has been CVS Source & Primary Publishe S Description Patch Vendor -- Product d Scor Info e

fixed in 3.7.4. Upgrade your dependency using pip MISC as follows "pip install aiohttp >= 3.7.4". If DEBIAN upgrading is not an option for you, a workaround can be to avoid using `aiohttp.web_middlewares.normalize_path_middle ware` in your applications.

CVE- 2021- 25122 When responding to new h2c connection requests, MLIST Apache Tomcat versions 10.0.0-M1 to 10.0.0, CONFIR 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could M 2021-03- apache -- tomcat duplicate request headers and a limited amount of 5 MLIST 01 request body from one request to another meaning MLIST user A and user B could both see the results of user MLIST A's request. MLIST MLIST MLIST MLIST

The ResourceDownloadRewriteRule class in CVE- Crowd before version 4.0.4, and from version 4.1.0 2021-03- 2020- atlassian -- crowd 5 before 4.1.2 allowed unauthenticated remote 01 36240 attackers to read arbitrary files within WEB-INF MISC CVS Source & Primary Publishe S Description Patch Vendor -- Product d Scor Info e

and META-INF directories via an incorrect path access check.

CVE- best it Amazon Pay Plugin before 9.4.2 for 2020- 2021-02- bestit -- amazon_pay Shopware exposes Sensitive Information to an 6.4 28199 26 Unauthorized Actor. MISC MISC

CVE- courier_management_system_pro Courier Management System 1.0 1.0 is affected by 2021-03- 2020- ject -- 4 SQL Injection via 'MULTIPART street '. 04 35329 courier_management_system MISC

CVE- In Dataiku DSS before 8.0.6, insufficient access 2021- control in the Jupyter notebooks integration allows 2021-03- 27225 dataiku -- data_science_studio users (who have coding permissions) to read and 5.5 01 CONFIR overwrite notebooks in projects that they are not M authorized to access. MISC

In Eclipse Jetty 9.4.6.v20170531 to 2021-02- CVE- eclipse -- jetty 5 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 26 2020- CVS Source & Primary Publishe S Description Patch Vendor -- Product d Scor Info e

when Jetty handles a request containing multiple 27223 Accept headers with a large number of “quality” CONFIR (i.e. q) parameters, the server may enter a denial of M service (DoS) state due to high CPU usage CONFIR processing those quality values, resulting in M minutes of CPU time exhausted processing those MLIST quality values. MLIST MLIST MLIST MLIST MLIST MISC MLIST MLIST MLIST MLIST MLIST MLIST MLIST MLIST MLIST MLIST MLIST MLIST MISC MLIST CVS Source & Primary Publishe S Description Patch Vendor -- Product d Scor Info e

MLIST MLIST

CVE- 2021- EPrints 3.4.2 allows remote attackers to read 3342 arbitrary files and possibly execute commands via 2021-03- CONFIR eprints -- eprints 6.8 crafted LaTeX input to a cgi/latex2png?latex= 01 M URI. CONFIR M MISC

CVE- 2021- EPrints 3.4.2 exposes a reflected XSS opportunity 2021-03- 26475 eprints -- eprints 4.3 in the via a cgi/cal URI. 01 CONFIR M MISC

CVE- EPrints 3.4.2 exposes a reflected XSS opportunity 2021-03- 2021- eprints -- eprints in the dataset parameter to the 4.3 01 26702 cgi/dataset_dictionary URI. CONFIR CVS Source & Primary Publishe S Description Patch Vendor -- Product d Scor Info e

M MISC

CVE- 2021- 26704 EPrints 3.4.2 allows remote attackers to execute 2021-03- CONFIR eprints -- eprints arbitrary commands via crafted input to the verb 6.5 01 M parameter in a cgi/toolbox/toolbox URI. CONFIR M MISC

In vpu, there is a possible memory corruption due to a race condition. This could lead to local CVE- escalation of privilege with System execution 2021-02- 2021- google -- android privileges needed. User interaction is not needed 6.9 26 0367 for exploitation. Product: Android; Versions: MISC Android-10, Android-11; Patch ID: ALPS05371580; Issue ID: ALPS05379085.

In vow, there is a possible memory corruption due CVE- to a race condition. This could lead to local 2021-02- 2021- google -- android 6.9 escalation of privilege with System execution 26 0401 privileges needed. User interaction is needed for MISC CVS Source & Primary Publishe S Description Patch Vendor -- Product d Scor Info e

exploitation. Product: Android; Versions: Android- 10, Android-11; Patch ID: ALPS05418265.

In vpu, there is a possible memory corruption due to a race condition. This could lead to local CVE- escalation of privilege with System execution 2021-02- 2021- google -- android privileges needed. User interaction is not needed 6.9 26 0366 for exploitation. Product: Android; Versions: MISC Android-10, Android-11; Patch ID: ALPS05371580; Issue ID: ALPS05379093.

CVE- 2021- LMA ISIDA Retriever 5.2 is vulnerable to XSS via 2021-02- isida -- retriever 4.3 26903 query['text']. 26 MISC MISC

CVE- An issue was discovered in Joomla! 3.2.0 through 2021-03- 2021- joomla -- joomla\! 3.9.24. Usage of the insecure rand() function 5 04 23126 within the process of generating the 2FA secret. MISC CVS Source & Primary Publishe S Description Patch Vendor -- Product d Scor Info e

CVE- An issue was discovered in Joomla! 3.2.0 through 2021-03- 2021- joomla -- joomla\! 3.9.24. Missing input validation within the 5 04 23131 template manager. MISC

CVE- An issue was discovered in Joomla! 3.0.0 through 2021-03- 2021- joomla -- joomla\! 3.9.24. com_media allowed paths that are not 5 04 23132 intended for image uploads MISC

CVE- An issue was discovered in Joomla! 2.5.0 through 2021-03- 2021- joomla -- joomla\! 3.9.24. Missing filtering of feed fields could lead 4.3 04 23130 to xss issues. MISC

CVE- An issue was discovered in Joomla! 2.5.0 through 2021-03- 2021- joomla -- joomla\! 3.9.24. Missing filtering of messages showed to 4.3 04 23129 users that could lead to xss issues. MISC

An issue was discovered in Joomla! 3.2.0 through 2021-03- CVE- joomla -- joomla\! 3.9.24. The core shipped but unused randval 6.4 04 2021- implementation within FOF (FOFEncryptRandval) CVS Source & Primary Publishe S Description Patch Vendor -- Product d Scor Info e

used an potential insecure implemetation. That has 23128 now been replaced with a call to 'random_bytes()' MISC and its backport that is shipped within random_compat.

An issue was discovered in Joomla! 3.2.0 through CVE- 3.9.24. Usage of an insufficient length for the 2FA 2021-03- 2021- joomla -- joomla\! 6.4 secret accoring to RFC 4226 of 10 bytes vs 20 04 23127 bytes. MISC

A component of Kaspersky custom boot loader allowed loading of untrusted UEFI modules due to insufficient check of their authenticity. This component is incorporated in Kaspersky Rescue CVE- Disk (KRD) and was trusted by the Authentication 2020- Agent of Full Disk Encryption in Kaspersky 2021-02- kaspersky -- endpoint_security 4.6 26200 Endpoint Security (KES). This issue allowed to 26 MISC bypass the UEFI Secure Boot security feature. An MISC attacker would need physical access to the computer to exploit it. Otherwise, local administrator privileges would be required to modify the boot loader component. CVS Source & Primary Publishe S Description Patch Vendor -- Product d Scor Info e

Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, a CVE- malicious homeserver could redirect requests to 2021- their .well-known file to a large file. This can lead 21274 to a denial of service attack where homeservers 2021-02- MISC matrix -- synapse will consume significantly more resources when 4.3 26 MISC requesting the .well-known file of a malicious MISC homeserver. This affects any server which accepts CONFIR federation requests from untrusted servers. Issue is M resolved in version 1.25.0. As a workaround the `federation_domain_whitelist` setting can be used to restrict the homeservers communicated with over federation.

Synapse is a Matrix reference homeserver written CVE- in python (pypi package matrix-synapse). Matrix is 2021- an ecosystem for open federated Instant Messaging 21273 and VoIP. In Synapse before version 1.25.0, 2021-02- MISC matrix -- synapse requests to user provided domains were not 5.8 26 MISC restricted to external IP addresses when calculating MISC the key validity for third-party invite events and CONFIR sending push notifications. This could cause M Synapse to make requests to internal infrastructure. CVS Source & Primary Publishe S Description Patch Vendor -- Product d Scor Info e

The type of request was not controlled by the user, although limited modification of request bodies was possible. For the most thorough protection server administrators should remove the deprecated `federation_ip_range_blacklist` from their settings after upgrading to Synapse v1.25.0 which will result in Synapse using the improved default IP address restrictions. See the new `ip_range_blacklist` and `ip_range_whitelist` settings if more specific control is necessary.

CVE- Micro Focus Solutions Business Manager versions microfocus -- 2021-02- 2019- prior to 11.7.1 are vulnerable to XML External 5.2 solutions_business_manager 26 18943 Entity Processing (XXE) on certain operations. MISC

CVE- Micro Focus Solutions Business Manager 2019- microfocus -- 2021-02- Application Repository versions prior to 11.7.1 are 5.2 18945 solutions_business_manager 26 vulnerable to privilege escalation vulnerability. CONFIR M

Mozilla developers reported memory safety bugs 2021-02- CVE- mozilla -- 6.8 present in Firefox 85. Some of these bugs showed 26 2021- CVS Source & Primary Publishe S Description Patch Vendor -- Product d Scor Info e

evidence of memory corruption and we presume 23979 that with enough effort some of these could have MISC been exploited to run arbitrary code. This MISC vulnerability affects Firefox < 86.

CVE- Using the new logical assignment operators in a 2021- JavaScript switch statement could have caused a 23954 type confusion, leading to a memory corruption 2021-02- mozilla -- firefox 6.8 MISC and a potentially exploitable crash. This 26 MISC vulnerability affects Firefox < 85, Thunderbird < MISC 78.7, and Firefox ESR < 78.7. MISC

CVE- Performing garbage collection on re-declared 2021- JavaScript variables resulted in a user-after-poison, 23960 2021-02- mozilla -- firefox and a potentially exploitable crash. This 6.8 MISC 26 vulnerability affects Firefox < 85, Thunderbird < MISC 78.7, and Firefox ESR < 78.7. MISC MISC

If a user clicked into a specifically crafted PDF, the CVE- 2021-02- mozilla -- firefox PDF reader could be confused into leaking cross- 4.3 2021- 26 origin information, when said information is 23953 CVS Source & Primary Publishe S Description Patch Vendor -- Product d Scor Info e

served as chunked data. This vulnerability affects MISC Firefox < 85, Thunderbird < 78.7, and Firefox ESR MISC < 78.7. MISC MISC

CVE- The browser could have been confused into 2021- transferring a pointer lock state into another tab, 2021-02- mozilla -- firefox 4.3 23955 which could have lead to clickjacking attacks. This 26 MISC vulnerability affects Firefox < 85. MISC

CVE- Incorrect use of the '' 2021- method could have led to a user-after-poison and a 2021-02- mozilla -- firefox 6.8 23962 potentially exploitable crash. This vulnerability 26 MISC affects Firefox < 85. MISC

Mozilla developers reported memory safety bugs CVE- present in Firefox 84 and Firefox ESR 78.6. Some 2021- of these bugs showed evidence of memory 23964 2021-02- mozilla -- firefox corruption and we presume that with enough effort 6.8 MISC 26 some of these could have been exploited to run MISC arbitrary code. This vulnerability affects Firefox < MISC 85, Thunderbird < 78.7, and Firefox ESR < 78.7. MISC CVS Source & Primary Publishe S Description Patch Vendor -- Product d Scor Info e

Mozilla developers reported memory safety bugs CVE- present in Firefox 84. Some of these bugs showed 2021- evidence of memory corruption and we presume 2021-02- mozilla -- firefox 6.8 23965 that with enough effort some of these could have 26 MISC been exploited to run arbitrary code. This MISC vulnerability affects Firefox < 85.

One phishing tactic on the web is to provide a link with HTTP Auth. For example CVE- 'https://[email protected]'. To 2021- mitigate this type of attack, Firefox will display a 2021-02- mozilla -- firefox 6.8 23972 warning dialog; however, this warning dialog 26 MISC would not have been displayed if evil.com used a MISC redirect that was cached by the browser. This vulnerability affects Firefox < 86.

An ambiguous file picker design could have CVE- confused users who intended to select and upload a 2021- 2021-02- mozilla -- firefox single file into uploading a whole directory. This 4.3 23956 26 was addressed by adding a new prompt. This MISC vulnerability affects Firefox < 85. MISC

Mozilla developers reported memory safety bugs 2021-02- CVE- mozilla -- firefox 6.8 present in Firefox 85 and Firefox ESR 78.7. Some 26 2021- CVS Source & Primary Publishe S Description Patch Vendor -- Product d Scor Info e

of these bugs showed evidence of memory 23978 corruption and we presume that with enough effort MISC some of these could have been exploited to run MLIST arbitrary code. This vulnerability affects Firefox < DEBIAN 86, Thunderbird < 78.8, and Firefox ESR < 78.8. MISC MISC MISC

As specified in the W3C Content Security Policy draft, when creating a violation report, "User CVE- agents need to ensure that the source file is the 2021- URL requested by the page, pre-redirects. If that’s 23969 not possible, user agents need to strip the URL MISC down to an origin to avoid unintentional leakage." 2021-02- mozilla -- firefox 4.3 MLIST Under certain types of redirects, Firefox 26 DEBIAN incorrectly set the source file to be the destination MISC of the redirects. This was fixed to be the redirect MISC destination's origin. This vulnerability affects MISC Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8.

The developer page about:memory has a Measure CVE- function for exploring what object types the 2021-02- mozilla -- firefox 4.3 2021- browser has allocated and their sizes. When this 26 23975 function was invoked we incorrectly called the CVS Source & Primary Publishe S Description Patch Vendor -- Product d Scor Info e

sizeof function, instead of using the API method MISC that checks for invalid pointers. This vulnerability MISC affects Firefox < 86.

CVE- The DOMParser API did not properly process 2021- '

CVE- If Content Security Policy blocked frame 2021- navigation, the full destination of a redirect served 23968 in the frame was reported in the violation report; as MISC 2021-02- mozilla -- firefox opposed to the original frame URI. This could be 4.3 MLIST 26 used to leak sensitive information contained in DEBIAN such URIs. This vulnerability affects Firefox < 86, MISC Thunderbird < 78.8, and Firefox ESR < 78.8. MISC MISC

The browser could have been confused into CVE- transferring a screen sharing state into another tab, 2021-02- mozilla -- firefox 4.3 2021- which would leak unintended information. This 26 23958 vulnerability affects Firefox < 85. CVS Source & Primary Publishe S Description Patch Vendor -- Product d Scor Info e

MISC MISC

An XSS bug in internal error pages could have led CVE- to various spoofing attacks, including other error 2021- pages and the address bar. Note: This issue only 2021-02- mozilla -- firefox 4.3 23959 affected Firefox for Android. Other operating 26 MISC systems are unaffected. This vulnerability affects MISC Firefox < 85.

CVE- 2021- When trying to load a cross-origin resource in an 23973 audio/video context a decoding error may have MISC resulted, and the content of that error may have 2021-02- mozilla -- firefox 4.3 MLIST revealed information about the resource. This 26 DEBIAN vulnerability affects Firefox < 86, Thunderbird < MISC 78.8, and Firefox ESR < 78.8. MISC MISC

When accepting a malicious intent from other CVE- installed apps, Firefox for Android accepted 2021-02- mozilla -- firefox 5.8 2021- manifests from arbitrary file paths and allowed 26 23976 declaring webapp manifests for other origins. This CVS Source & Primary Publishe S Description Patch Vendor -- Product d Scor Info e

could be used to gain fullscreen access for UI MISC spoofing and could also lead to cross-origin attacks MISC on targeted websites. Note: This issue is a different issue from CVE-2020-26954 and only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 86.

When processing a redirect with a conflicting Referrer-Policy, Firefox would have adopted the CVE- redirect's Referrer-Policy. This would have 2021- 2021-02- mozilla -- firefox potentially resulted in more information than 4.3 23971 26 intended by the original origin being provided to MISC the destination of the redirect. This vulnerability MISC affects Firefox < 86.

Further techniques that built on the slipstream CVE- research combined with a malicious webpage 2021- 2021-02- mozilla -- firefox could have exposed both an internal network's 4.3 23961 26 hosts as well as services running on the user's local MISC machine. This vulnerability affects Firefox < 85. MISC

When sharing geolocation during an active CVE- 2021-02- mozilla -- firefox WebRTC share, Firefox could have reset the 4.3 2021- 26 webRTC sharing state in the user interface, leading 23963 CVS Source & Primary Publishe S Description Patch Vendor -- Product d Scor Info e

to loss of control over the currently granted MISC permission. This vulnerability affects Firefox < 85. MISC

CVE- Context-specific code was included in a shared 2021- jump table; resulting in assertions being triggered 2021-02- mozilla -- firefox 4.3 23970 in multithreaded wasm code. This vulnerability 26 MISC affects Firefox < 86. MISC

Navigations through the Android-specific `intent` CVE- URL scheme could have been misused to escape 2021- 2021-02- mozilla -- firefox iframe sandbox. Note: This issue only affected 4.3 23957 26 Firefox for Android. Other operating systems are MISC unaffected. This vulnerability affects Firefox < 85. MISC

Node-Red is a low-code programming for event- CVE- driven applications built using nodejs. Node-RED 2021- 1.2.7 and earlier contains a Prototype Pollution 21297 vulnerability in the admin API. A badly formed 2021-02- MISC nodered -- node-red 4 request can modify the prototype of the default 26 CONFIR JavaScript Object with the potential to affect the M default behaviour of the Node-RED runtime. The MISC vulnerability is patched in the 1.2.8 release. A MISC CVS Source & Primary Publishe S Description Patch Vendor -- Product d Scor Info e

workaround is to ensure only authorized users are able to access the editor url.

CVE- A file extension handling issue was found in [core] 2021- module of ONLYOFFICE DocumentServer 25830 v4.2.0.236-v5.6.4.13. An attacker must request the MISC conversion of the crafted file from DOCT into 2021-03- onlyoffice -- document_server 6.8 MISC DOCX format. Using the chain of two other bugs 01 MISC related to improper string handling, an attacker can MISC achieve remote code execution on MISC DocumentServer. MISC

CVE- A file extension handling issue was found in [core] 2021- module of ONLYOFFICE DocumentServer 25831 v4.0.0-9-v5.6.3. An attacker must request the MISC conversion of the crafted file from PPTT into 2021-03- onlyoffice -- document_server 6.8 MISC PPTX format. Using the chain of two other bugs 01 MISC related to improper string handling, a remote MISC attacker can obtain remote code execution on MISC DocumentServer. MISC CVS Source & Primary Publishe S Description Patch Vendor -- Product d Scor Info e

CVE- 2021- A heap buffer overflow vulnerability inside of 25832 BMP image processing was found at [core] module MISC of ONLYOFFICE DocumentServer v4.0.0-9- 2021-03- MISC onlyoffice -- document_server 6.8 v6.0.0. Using this vulnerability, an attacker is able 01 MISC to gain remote code executions on MISC DocumentServer. MISC MISC MISC

CVE- A file extension handling issue was found in 2021- [server] module of ONLYOFFICE 25833 DocumentServer v4.2.0.71-v5.6.0.21. The file MISC 2021-03- onlyoffice -- document_server extension is controlled by an attacker through the 6.8 MISC 01 request data and leads to arbitrary file overwriting. MISC Using this vulnerability, a remote attacker can MISC obtain remote code execution on DocumentServer. MISC MISC

ownCloud owncloud/client before 2.7 allows DLL CVE- Injection. The desktop client loaded development 2021-02- owncloud -- owncloud 4.4 2020- plugins from certain directories when they were 26 28646 present. CVS Source & Primary Publishe S Description Patch Vendor -- Product d Scor Info e

MISC MISC

CVE- PrestaShop is a fully scalable open source e- 2021- commerce solution. In PrestaShop before version 21308 1.7.2 the soft logout system is not complete and an 2021-02- prestashop -- prestashop 6.4 MISC attacker is able to foreign request and executes 26 MISC customer commands. The problem is fixed in CONFIR 1.7.7.2 M

prestashop -- prestashop | PrestaShop is a fully scalable open source e-commerce solution. In PrestaShop before version 1.7.2 there is a CSV Injection vulnerability possible by using shop search keywords via the admin panel. The problem is fixed in 1.7.7.2 | 2021-02-26 | 6.5 | CVE-2021-21302 MISC MISC CONFIRM

prosoft-technology -- icx35-hwc-a_firmware | Changing the password on the module webpage does not require the user to type in the current password first. Thus, the password could be changed by a user or external process without knowledge of the current password on the ICX35-HWC-A and ICX35-HWC-E (Versions 1.9.62 and prior). | 2021-02-26 | 5 | CVE-2021-22661 MISC

quinn_project -- quinn | An issue was discovered in the quinn crate before 0.7.0 for Rust. It may have invalid memory access for certain versions of the standard library because it relies on a direct cast of std::net::SocketAddrV4 and std::net::SocketAddrV6 data structures. | 2021-03-05 | 5 | CVE-2021-28036 MISC

saltstack -- salt | An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name. This allows for a local privilege escalation by any user able to create files on the minion in a non-blacklisted directory. | 2021-02-27 | 4.6 | CVE-2020-28243 MISC FEDORA FEDORA CONFIRM MISC

saltstack -- salt | In SaltStack Salt before 3002.5, authentication to VMware vcenter, vsphere, and esxi servers (in the vmware.py files) does not always validate the SSL/TLS certificate. | 2021-02-27 | 4.3 | CVE-2020-28972 FEDORA FEDORA CONFIRM

saltstack -- salt | In SaltStack Salt before 3002.5, when authenticating to services using certain modules, the SSL certificate is not always validated. | 2021-02-27 | 5.8 | CVE-2020-35662 FEDORA FEDORA CONFIRM

saltstack -- salt | An issue was discovered in SaltStack Salt before 3002.5. The salt.wheel.pillar_roots.write method is vulnerable to directory traversal. | 2021-02-27 | 6.4 | CVE-2021-25282 MISC FEDORA FEDORA CONFIRM

scytl -- secure_vote | An issue was discovered in Scytl sVote 2.1. Because the sdm-ws-rest API does not require authentication, an attacker can retrieve the administrative configuration by sending a POST request to the /sdm-ws-rest/preconfiguration URI. | 2021-02-27 | 5 | CVE-2019-25020 MISC

scytl -- secure_vote | An issue was discovered in Scytl sVote 2.1. Because the IP address from an X-Forwarded-For header (which can be manipulated client-side) is used for the internal application logs, an attacker can inject wrong IP addresses into these logs. | 2021-02-27 | 6.4 | CVE-2019-25023 MISC

scytl -- secure_vote | An issue was discovered in Scytl sVote 2.1. Due to the implementation of the database manager, an attacker can access the OrientDB by providing admin as the admin password. A different password cannot be set because of the implementation in code. | 2021-02-27 | 5 | CVE-2019-25021 MISC

synology -- diskstation_manager | Cleartext transmission of sensitive information vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to spoof servers via an HTTP session. | 2021-02-26 | 4.3 | CVE-2021-26560 CONFIRM

synology -- diskstation_manager | Cleartext transmission of sensitive information vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to obtain sensitive information via an HTTP session. | 2021-02-26 | 4.3 | CVE-2021-26565 CONFIRM

synology -- diskstation_manager | Cleartext transmission of sensitive information vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to spoof servers via an HTTP session. | 2021-02-26 | 4.3 | CVE-2021-26564 CONFIRM

synology -- diskstation_manager | Use of unmaintained third party components vulnerability in faad in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote authenticated users to execute arbitrary code via a crafted file path. | 2021-02-26 | 6.5 | CVE-2021-26567 CONFIRM

synology -- diskstation_manager | Stack-based buffer overflow vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to execute arbitrary code via syno_finder_site HTTP header. | 2021-02-26 | 6.8 | CVE-2021-26561 CONFIRM

synology -- diskstation_manager | Out-of-bounds write vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to execute arbitrary code via syno_finder_site HTTP header. | 2021-02-26 | 6.8 | CVE-2021-26562 CONFIRM

synology -- diskstation_manager | Insertion of sensitive information into sent data vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to execute arbitrary commands via inbound QuickConnect traffic. | 2021-02-26 | 6.8 | CVE-2021-26566 CONFIRM

toodee_project -- toodee | An issue was discovered in the toodee crate before 0.3.0 for Rust. The row-insertion feature allows attackers to read the contents of uninitialized memory locations. | 2021-03-05 | 5 | CVE-2021-28029 MISC

tpm2_software_stack_project -- tpm2_software_stack | Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3. | 2021-02-26 | 4.6 | CVE-2020-24455 CONFIRM CONFIRM CONFIRM

truetype_project -- truetype | An issue was discovered in the truetype crate before 0.30.1 for Rust. Attackers can read the contents of uninitialized memory locations via a user-provided Read operation within Tape::take_bytes. | 2021-03-05 | 5 | CVE-2021-28030 MISC

vapor_project -- vapor | Vapor is a web framework for Swift. In Vapor before version 4.40.1, there is a DoS attack against anyone who Bootstraps a metrics backend for their Vapor app. The following is the attack vector: 1. Send unlimited requests against a Vapor instance with different paths. This will create unlimited counters and timers, which will eventually drain the system. 2. Downstream services might suffer from this attack as well by being spammed with error paths. This has been patched in 4.40.1. The `DefaultResponder` will rewrite any undefined route paths to `vapor_route_undefined` to avoid unlimited counters. | 2021-02-26 | 5 | CVE-2021-21328 MISC MISC CONFIRM MISC

w1.fi -- wpa_supplicant | A vulnerability was discovered in how p2p/p2p_pd.c in wpa_supplicant before 2.10 processes P2P (Wi-Fi Direct) provision discovery requests. It could result in denial of service or other impact (potentially execution of arbitrary code), for an attacker within radio range. | 2021-02-26 | 5.4 | CVE-2021-27803 MLIST MLIST FEDORA MISC MISC MISC

xerox -- altalink_b8045_firmware | Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200 allow a user with administrative privileges to turn off data encryption on the device, thus leaving it open to potential cryptographic information disclosure. | 2021-03-04 | 4 | CVE-2019-18628 MISC CONFIRM

zenphoto -- zenphoto | ** DISPUTED ** Zenphoto through 1.5.7 is affected by authenticated arbitrary file upload, leading to remote code execution. The attacker must navigate to the uploader plugin, check the elFinder box, and then drag and drop files into the Files(elFinder) portion of the UI. This can, for example, place a .php file in the server's uploaded/ directory. NOTE: the vendor disputes this because exploitation can only be performed by an admin who has "lots of other possibilities to harm a site." | 2021-02-26 | 6.5 | CVE-2020-36079 MISC MISC MISC

Low Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info

courier_management_system_project -- courier_management_system | Courier Management System 1.0 - 'First Name' Stored XSS | 2021-03-04 | 3.5 | CVE-2020-35328 MISC

gitlab -- gitlab | An issue has been discovered in GitLab affecting all versions starting with 13.7. GitLab was vulnerable to a stored XSS in merge request. | 2021-03-03 | 3.5 | CVE-2021-22182 CONFIRM MISC MISC

gnu -- glibc | The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228. | 2021-02-26 | 2.1 | CVE-2020-27618 MISC MISC

google -- android | In mobile_log_d, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05457039. | 2021-02-26 | 2.1 | CVE-2021-0404 MISC

google -- android | In netdiag, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05475124. | 2021-02-26 | 2.1 | CVE-2021-0403 MISC

i-doit -- i-doit | i-doit before 1.16.0 is affected by Stored Cross-Site Scripting (XSS) issues that could allow remote authenticated attackers to inject arbitrary web script or HTML via C__MONITORING__CONFIG__TITLE, SM2__C__MONITORING__CONFIG__TITLE, C__MONITORING__CONFIG__PATH, SM2__C__MONITORING__CONFIG__PATH, C__MONITORING__CONFIG__ADDRESS, or SM2__C__MONITORING__CONFIG__ADDRESS. | 2021-02-27 | 3.5 | CVE-2021-3151 MISC MISC

ibm -- doors_next | IBM Engineering products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190459. | 2021-03-04 | 3.5 | CVE-2020-4856 XF CONFIRM

ibm -- doors_next | IBM Engineering products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190460. | 2021-03-04 | 3.5 | CVE-2020-4857 XF CONFIRM

ibm -- doors_next | IBM Engineering products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190566. | 2021-03-04 | 3.5 | CVE-2020-4863 XF CONFIRM

ibm -- doors_next | IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190742. | 2021-03-04 | 3.5 | CVE-2020-4866 XF CONFIRM

ibm -- doors_next | IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194451. | 2021-03-04 | 3.5 | CVE-2021-20340 XF CONFIRM

ibm -- doors_next | IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194707. | 2021-03-04 | 3.5 | CVE-2021-20350 XF CONFIRM

ibm -- doors_next | IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194708. | 2021-03-04 | 3.5 | CVE-2021-20351 XF CONFIRM

microfocus -- solutions_business_manager | Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to session fixation. | 2021-02-26 | 3.8 | CVE-2019-18946 CONFIRM

microfocus -- solutions_business_manager | Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to information disclosure. | 2021-02-26 | 2.7 | CVE-2019-18947 CONFIRM

microfocus -- solutions_business_manager | Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to reflected XSS. | 2021-02-26 | 2.3 | CVE-2019-18944 CONFIRM

microfocus -- solutions_business_manager | Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to stored XSS. The application reflects previously stored user input without encoding. | 2021-02-26 | 2.3 | CVE-2019-18942 CONFIRM

mozilla -- firefox | Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a malicious application to read sensitive data from application directories. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 86. | 2021-02-26 | 2.6 | CVE-2021-23977 MISC MISC

opentext -- content_server | There are multiple persistent cross-site scripting (XSS) vulnerabilities in the web interface of OpenText Content Server Version 20.3. The application allows a remote attacker to introduce arbitrary JavaScript by crafting malicious form values that are later not sanitized. | 2021-02-26 | 3.5 | CVE-2021-3010 MISC MISC

saltstack -- salt | An issue was discovered in SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level. | 2021-02-27 | 1.9 | CVE-2021-25284 MISC FEDORA FEDORA CONFIRM

samsung -- internet | Improper permission grant check in Samsung Internet prior to version 13.0.1.60 allows access to files in internal storage without authorized STORAGE permission. | 2021-03-04 | 2.1 | CVE-2021-25348 MISC CONFIRM

samsung -- s_assistant | Calling of non-existent provider in S Assistant prior to version 6.5.01.22 allows unauthorized actions including denial of service attack by hijacking the provider. | 2021-03-04 | 2.1 | CVE-2021-25341 MISC CONFIRM

synology -- diskstation_manager | Improper access control vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows local users to obtain sensitive information via a crafted kernel module. | 2021-02-26 | 2.1 | CVE-2021-26563 CONFIRM

zte -- zxr10_8900e_firmware | A ZTE product has a memory leak vulnerability. Due to the product's improper handling of memory release in certain scenarios, a local attacker with device permissions repeatedly attenuated the optical signal to cause memory leak and abnormal service. This affects: ZXR10 8900E, all versions up to V3.03.20R2B30P1. | 2021-02-26 | 2.1 | CVE-2021-21724 MISC