CVE-2021-43544 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2021-43544 Interim 1 15 2025-02-17T00:24:44Z current 2021-12-08T01:48:30Z 2025-02-17T00:24:44Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2021-43544 When receiving a URL through a SEND intent, Firefox would have searched for the text, but subsequent usages of the address bar might have caused the URL to load unintentionally, which could lead to XSS and spoofing attacks. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 95. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3HI2RC7AJAHY74Q6MK7GNGWU6TITB22V/ E-Mail link for openSUSE-SU-2024:14572-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Server for SAP Applications 12 SP5 openSUSE Tumbleweed MozillaFirefox MozillaFirefox-95.0-1.1 MozillaFirefox-branding-upstream-95.0-1.1 MozillaFirefox-devel-95.0-1.1 MozillaFirefox-translations-common-95.0-1.1 MozillaFirefox-translations-other-95.0-1.1 firefox-esr-128.5.1-1.1 firefox-esr-branding-upstream-128.5.1-1.1 firefox-esr-translations-common-128.5.1-1.1 firefox-esr-translations-other-128.5.1-1.1 MozillaFirefox-95.0-1.1 as a component of openSUSE Tumbleweed MozillaFirefox-branding-upstream-95.0-1.1 as a component of openSUSE Tumbleweed MozillaFirefox-devel-95.0-1.1 as a component of openSUSE Tumbleweed MozillaFirefox-translations-common-95.0-1.1 as a component of openSUSE Tumbleweed MozillaFirefox-translations-other-95.0-1.1 as a component of openSUSE Tumbleweed firefox-esr-128.5.1-1.1 as a component of openSUSE Tumbleweed firefox-esr-branding-upstream-128.5.1-1.1 as a component of openSUSE Tumbleweed firefox-esr-translations-common-128.5.1-1.1 as a component of openSUSE Tumbleweed firefox-esr-translations-other-128.5.1-1.1 as a component of openSUSE Tumbleweed MozillaFirefox as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 When receiving a URL through a SEND intent, Firefox would have searched for the text, but subsequent usages of the address bar might have caused the URL to load unintentionally, which could lead to XSS and spoofing attacks. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 95. CVE-2021-43544 openSUSE Tumbleweed:MozillaFirefox-95.0-1.1 openSUSE Tumbleweed:MozillaFirefox-branding-upstream-95.0-1.1 openSUSE Tumbleweed:MozillaFirefox-devel-95.0-1.1 openSUSE Tumbleweed:MozillaFirefox-translations-common-95.0-1.1 openSUSE Tumbleweed:MozillaFirefox-translations-other-95.0-1.1 openSUSE Tumbleweed:firefox-esr-128.5.1-1.1 openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1 openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1 openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L