Multiple Low Security Issues in Mozilla VPN by Mozilla
CVE-2021-29978

9.8CRITICAL

Key Information:

Vendor: Mozilla
Status: Mozilla Vpn
Vendor: CVE Published:; 5 August 2021

🔔 Create Mozilla Vulnerability Alert

What is CVE-2021-29978?

Mozilla VPN versions prior to 2.3 have been identified with several low security issues as a result of a comprehensive security audit. These vulnerabilities may compromise user security and should be addressed promptly. Users are advised to upgrade to the latest version to ensure the integrity of their VPN service.

Affected Version(s)

Mozilla VPN < 2.3

References

https://www.mozilla.org/security/advisories/mfsa2021-31/

x_refsource_MISC

https://github.com/mozilla-mobile/mozilla-vpn-client/issu...

x_refsource_MISC

https://github.com/mozilla-mobile/mozilla-vpn-client/issu...

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 5, 2021
Vulnerability Reserved
Apr 1, 2021

.

The Cyber Security Vulnerability Database.