CVE-2021-23973

Summary

When trying to load a cross-origin resource in an audio/video context a decoding error may have resulted, and the content of that error may have revealed information about the resource. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefox< 86affected
MozillaThunderbird< 78.8affected
MozillaFirefox ESR< 78.8affected

Weaknesses

  • MediaError message property could have leaked information about cross-origin resources

ADP Enrichment

CVE Program Container

Additional References

References