Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2022-34473

Опубликовано: 22 дек. 2022
Источник: debian

Описание

The HTML Sanitizer should have sanitized the <code>href</code> attribute of SVG <code>&lt;use&gt;</code> tags; however it incorrectly did not sanitize <code>xlink:href</code> attributes. This vulnerability affects Firefox < 102.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
firefoxfixed102.0-1package

Примечания

  • https://www.mozilla.org/en-US/security/advisories/mfsa2022-24/#CVE-2022-34473

Связанные уязвимости

ubuntu логотип

CVE-2022-34473

CVSS3: 6.1
ubuntu
почти 3 года назад

The HTML Sanitizer should have sanitized the <code>href</code> attribute of SVG <code>&lt;use&gt;</code> tags; however it incorrectly did not sanitize <code>xlink:href</code> attributes. This vulnerability affects Firefox < 102.

nvd логотип

CVE-2022-34473

CVSS3: 6.1
nvd
почти 3 года назад

The HTML Sanitizer should have sanitized the <code>href</code> attribute of SVG <code>&lt;use&gt;</code> tags; however it incorrectly did not sanitize <code>xlink:href</code> attributes. This vulnerability affects Firefox < 102.

github логотип

GHSA-h8wm-ccrj-94x5

CVSS3: 6.1
github
почти 3 года назад

The HTML Sanitizer should have sanitized the <code>href</code> attribute of SVG <code>&lt;use&gt;</code> tags; however it incorrectly did not sanitize <code>xlink:href</code> attributes. This vulnerability affects Firefox < 102.

suse-cvrf логотип

SUSE-SU-2022:3273-1

suse-cvrf
около 3 лет назад

Security update for MozillaFirefox

suse-cvrf логотип

SUSE-SU-2022:3272-1

suse-cvrf
около 3 лет назад

Security update for MozillaFirefox