CVE-2021-23963 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2021-23963 Interim 1 6 2025-02-17T00:50:01Z current 2021-09-30T01:39:15Z 2025-02-17T00:50:01Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2021-23963 When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC sharing state in the user interface, leading to loss of control over the currently granted permission. This vulnerability affects Firefox < 85. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3HI2RC7AJAHY74Q6MK7GNGWU6TITB22V/ E-Mail link for openSUSE-SU-2024:14572-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Tumbleweed MozillaFirefox-92.0-1.2 MozillaFirefox-branding-upstream-92.0-1.2 MozillaFirefox-devel-92.0-1.2 MozillaFirefox-translations-common-92.0-1.2 MozillaFirefox-translations-other-92.0-1.2 firefox-esr-128.5.1-1.1 firefox-esr-branding-upstream-128.5.1-1.1 firefox-esr-translations-common-128.5.1-1.1 firefox-esr-translations-other-128.5.1-1.1 MozillaFirefox-92.0-1.2 as a component of openSUSE Tumbleweed MozillaFirefox-branding-upstream-92.0-1.2 as a component of openSUSE Tumbleweed MozillaFirefox-devel-92.0-1.2 as a component of openSUSE Tumbleweed MozillaFirefox-translations-common-92.0-1.2 as a component of openSUSE Tumbleweed MozillaFirefox-translations-other-92.0-1.2 as a component of openSUSE Tumbleweed firefox-esr-128.5.1-1.1 as a component of openSUSE Tumbleweed firefox-esr-branding-upstream-128.5.1-1.1 as a component of openSUSE Tumbleweed firefox-esr-translations-common-128.5.1-1.1 as a component of openSUSE Tumbleweed firefox-esr-translations-other-128.5.1-1.1 as a component of openSUSE Tumbleweed When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC sharing state in the user interface, leading to loss of control over the currently granted permission. This vulnerability affects Firefox < 85. CVE-2021-23963 openSUSE Tumbleweed:MozillaFirefox-92.0-1.2 openSUSE Tumbleweed:MozillaFirefox-branding-upstream-92.0-1.2 openSUSE Tumbleweed:MozillaFirefox-devel-92.0-1.2 openSUSE Tumbleweed:MozillaFirefox-translations-common-92.0-1.2 openSUSE Tumbleweed:MozillaFirefox-translations-other-92.0-1.2 openSUSE Tumbleweed:firefox-esr-128.5.1-1.1 openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1 openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1 openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N