{"id":"CVE-2021-43543","details":"Documents loaded with the CSP sandbox directive could have escaped the sandbox's script restriction by embedding additional content. This vulnerability affects Thunderbird \u003c 91.4.0, Firefox ESR \u003c 91.4.0, and Firefox \u003c 95.","modified":"2026-03-13T05:14:37.227711Z","published":"2021-12-08T22:15:09.947Z","related":["ALSA-2021:5013","ALSA-2021:5045","MGASA-2021-0551","MGASA-2021-0554","SUSE-SU-2021:14859-1","SUSE-SU-2021:3993-1","SUSE-SU-2021:3995-1","SUSE-SU-2021:4000-1","SUSE-SU-2021:4150-1","openSUSE-SU-2021:1575-1","openSUSE-SU-2021:1635-1","openSUSE-SU-2021:3993-1","openSUSE-SU-2021:4150-1","openSUSE-SU-2024:11669-1","openSUSE-SU-2024:11670-1","openSUSE-SU-2024:14572-1"],"references":[{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2021/12/msg00030.html"},{"type":"ADVISORY","url":"https://www.debian.org/security/2021/dsa-5026"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2021-53/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2021-54/"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2022/01/msg00001.html"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202202-03"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202208-14"},{"type":"ADVISORY","url":"https://www.debian.org/security/2022/dsa-5034"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2021-52/"},{"type":"REPORT","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1738418"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"95.0"}]},{"events":[{"introduced":"0"},{"fixed":"91.4.0"}]},{"events":[{"introduced":"0"},{"fixed":"91.4.0"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"10.0"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-43543.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}