VYPR
High severity7.5NVD Advisory· Published Jun 11, 2018· Updated Jun 17, 2026

CVE-2016-9904

CVE-2016-9904

Description

An attacker could use a JavaScript Map/Set timing attack to determine whether an atom is used by another compartment/zone in specific contexts. This could be used to leak information, such as usernames embedded in JavaScript code, across websites. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

30

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.