When an extension with the proxy permission registered to receive `<all_urls>`, the proxy.onRequest callback was not triggered for view-source URLs. While web content cannot navigate to such URLs, a user opening View Source could have inadvertently leaked their IP address. External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2020-55/#CVE-2020-35111
Acknowledgments: Name: the Mozilla project Upstream: Yassine Tioual
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Extended Update Support Via RHSA-2020:5564 https://access.redhat.com/errata/RHSA-2020:5564
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:5562 https://access.redhat.com/errata/RHSA-2020:5562
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2020:5563 https://access.redhat.com/errata/RHSA-2020:5563
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions Via RHSA-2020:5565 https://access.redhat.com/errata/RHSA-2020:5565
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:5561 https://access.redhat.com/errata/RHSA-2020:5561
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-35111
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:5618 https://access.redhat.com/errata/RHSA-2020:5618
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2020:5622 https://access.redhat.com/errata/RHSA-2020:5622
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:5624 https://access.redhat.com/errata/RHSA-2020:5624
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Extended Update Support Via RHSA-2020:5644 https://access.redhat.com/errata/RHSA-2020:5644
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions Via RHSA-2020:5645 https://access.redhat.com/errata/RHSA-2020:5645