Уязвимость CVE-2022-29909

Пакет	Статус	Версия исправления	Тип
firefox	fixed	100.0-1	package
firefox-esr	fixed	91.9.0esr-1	package
thunderbird	fixed	1:91.9.0-1	package

CVE-2022-29909

CVSS3: 8.8

ubuntu

больше 2 лет назад

Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.

CVE-2022-29909

CVSS3: 8.8

redhat

около 3 лет назад

Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.

CVE-2022-29909

CVSS3: 8.8

nvd

больше 2 лет назад

Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.

GHSA-557q-69q9-3wvh

CVSS3: 8.8

github

больше 2 лет назад

Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.

BDU:2022-03077

CVSS3: 7.5

fstec

около 3 лет назад

Уязвимость веб-браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с недостатками разграничения доступа, позволяющая нарушителю обойти существующие ограничения безопасности

exploitDog

CVE-2022-29909

Описание

Пакеты

Примечания

Связанные уязвимости