vulnerability
Ubuntu: (CVE-2021-29955): firefox vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 3 | (AV:N/AC:H/Au:N/C:P/I:N/A:N) | Jun 24, 2021 | Nov 19, 2024 | Aug 18, 2025 |
Severity
3
CVSS
(AV:N/AC:H/Au:N/C:P/I:N/A:N)
Published
Jun 24, 2021
Added
Nov 19, 2024
Modified
Aug 18, 2025
Description
A transient execution vulnerability, named Floating Point Value Injection (FPVI) allowed an attacker to leak arbitrary memory addresses and may have also enabled JIT type confusion attacks. (A related vulnerability, Speculative Code Store Bypass (SCSB), did not affect Firefox.). This vulnerability affects Firefox ESR < 78.9 and Firefox < 87.
Solution
ubuntu-upgrade-firefox
References
- CVE-2021-29955
- https://attackerkb.com/topics/CVE-2021-29955
- CWE-74
- URL-https://bugzilla.mozilla.org/show_bug.cgi?id=1692972
- URL-https://www.cve.org/CVERecord?id=CVE-2021-29955
- URL-https://www.mozilla.org/en-US/security/advisories/mfsa2021-10/#CVE-2021-29955
- URL-https://www.mozilla.org/en-US/security/advisories/mfsa2021-11/#CVE-2021-29955
- URL-https://www.mozilla.org/security/advisories/mfsa2021-10/
- URL-https://www.mozilla.org/security/advisories/mfsa2021-11/
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.