Описание
A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox < 122.
A vulnerability was found in Firefox due to a compromised content process updating the document URI. This flaw allows an attacker to set an arbitrary URI in the address bar or history.
Отчет
This vulnerability only affects Non ESR versions of Firefox and we don't ship Non ESR.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | firefox | Not affected | ||
| Red Hat Enterprise Linux 7 | firefox | Not affected | ||
| Red Hat Enterprise Linux 8 | firefox | Not affected | ||
| Red Hat Enterprise Linux 8 | firefox:flatpak/firefox | Not affected | ||
| Red Hat Enterprise Linux 9 | firefox | Not affected | ||
| Red Hat Enterprise Linux 9 | firefox:flatpak/firefox | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
4.3 Medium
CVSS3
Связанные уязвимости
A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox < 122.
A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox < 122.
A compromised content process could have updated the document URI. Thi ...
A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox < 122.
Уязвимость браузера Mozilla Firefox, связанная с недостатками разграничения доступа, позволяющая нарушителю установить произвольный URI в адресной строке или истории браузера
EPSS
4.3 Medium
CVSS3