When parsing internationalized domain names, high bits of the characters in the URLs were sometimes stripped, resulting in inconsistencies that could lead to user confusion or attacks such as phishing. This vulnerability affects Firefox < 94.
References
Link | Resource |
---|---|
https://bugzilla.mozilla.org/show_bug.cgi?id=1724233 | Issue Tracking Permissions Required Vendor Advisory |
https://www.mozilla.org/security/advisories/mfsa2021-48/ | Vendor Advisory |
Configurations
History
10 Dec 2021, 16:52
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo | |
CPE | cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* | |
References | (MISC) https://www.mozilla.org/security/advisories/mfsa2021-48/ - Vendor Advisory | |
References | (MISC) https://bugzilla.mozilla.org/show_bug.cgi?id=1724233 - Issue Tracking, Permissions Required, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 4.3 |
08 Dec 2021, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-12-08 22:15
Updated : 2023-12-10 14:09
NVD link : CVE-2021-43533
Mitre link : CVE-2021-43533
CVE.ORG link : CVE-2021-43533
JSON object : View
Products Affected
mozilla
- firefox
CWE