Home / Early Warning / Vulnerabilidades / CVE-2021-43540

CVE-2021-43540

Type: 
Unavailable / Other
Severity: 
Medium
Publication date: 
12/08/2021
Last modified: 
03/16/2022
Description
WebExtensions with the correct permissions were able to create and install ServiceWorkers for third-party websites that would not have been uninstalled with the extension. This vulnerability affects Firefox
Impact
Access Vector: Through network
Access Complexity: Media
Authentication: Not required to exploit
Impact Type: Partially affects on system integrity + No impact on system confidentiality + No impact on system availability
Vulnerable software and versions
  • cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
To consult the complete list of products and versions see this page
References to Advisories, Solutions, and Tools
Explanation of fields