Vulnerability Details CVE-2021-29978
Multiple low security issues were discovered and fixed in a security audit of Mozilla VPN 2.x branch as part of a 3rd party security audit. This vulnerability affects Mozilla VPN < 2.3.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.028
EPSS Ranking 84.5%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/797
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/798
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/799
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/800
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/801
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/803
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/804
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/805
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/806
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/808
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/809
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/810
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/812
- https://github.com/mozilla-mobile/mozilla-vpn-client/pull/816
- https://www.mozilla.org/security/advisories/mfsa2021-31/
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/797
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/798
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/799
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/800
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/801
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/803
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/804
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/805
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/806
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/808
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/809
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/810
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/812
- https://github.com/mozilla-mobile/mozilla-vpn-client/pull/816
- https://www.mozilla.org/security/advisories/mfsa2021-31/
Products affected by CVE-2021-29978
-
cpe:2.3:a:mozilla:mozilla_vpn:*