How severe is CVE-2021-24000?

This vulnerability has a severity rating of LOW with a CVSS score of 3.1 out of 10.

What type of vulnerability is CVE-2021-24000?

This is classified as CWE-362, which is a common weakness in software security.

CVE-2021-24000

LOW Year: 2021

CVSS v3 Score

3.1

Low

CVSS v2 Score

2.6

Low

Weakness Type

CWE-362

View all →

Vulnerability Description

A race condition with requestPointerLock() and setTimeout() could have resulted in a user interacting with one tab when they believed they were on a separate tab. In conjunction with certain elements (such as <input type="file">) this could have led to an attack where a user was confused about the origin of the webpage and potentially disclosed information they did not intend to. This vulnerability affects Firefox < 88.

CVE-2016-4583

LOW

CVSS:3.1(Low)

WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to bypass the Same Origin Policy and obtain image date from an unintended web site via a timing att...

CWE-3622016

CVE-2020-3894

LOW

CVSS:3.1(Low)

A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Wi...

CWE-3622020

CVE-2021-36181

LOW

CVSS:3.1(Low)

A concurrent execution using shared resource with improper Synchronization vulnerability ('Race Condition') in the customer database interface of FortiPortal before 6.0.6 may allow an authenticated, l...

CWE-3622021

CVE-2022-0279

LOW

CVSS:3.1(Low)

The AnyComment WordPress plugin before 0.2.18 is affected by a race condition when liking/disliking a comment/reply, which could allow any authenticated user to quickly raise their rating or lower the...

CWE-3622022