Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2024-9395

Опубликовано: 01 окт. 2024
Источник: redhat
EPSS Низкий

Описание

A specially crafted filename containing a large number of spaces could obscure the file's extension when displayed in the download dialog. This bug only affects Firefox for Android. Other versions of Firefox are unaffected. This vulnerability affects Firefox < 131.

A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: A specially crafted filename containing a large number of spaces could obscure the file's extension when displayed in the download dialog.

Отчет

This bug only affects Firefox Focus for Android. Firefox versions shipped by Red Hat are unaffected.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6firefoxNot affected
Red Hat Enterprise Linux 7firefoxNot affected
Red Hat Enterprise Linux 8firefoxNot affected
Red Hat Enterprise Linux 9firefoxNot affected

Показывать по

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=2315958firefox: Specially crafted filename could be used to obscure download type

EPSS

Процентиль: 31%
0.00114
Низкий

Связанные уязвимости

CVSS3: 5.3
ubuntu
9 месяцев назад

A specially crafted filename containing a large number of spaces could obscure the file's extension when displayed in the download dialog. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 131.

CVSS3: 5.3
nvd
9 месяцев назад

A specially crafted filename containing a large number of spaces could obscure the file's extension when displayed in the download dialog. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 131.

CVSS3: 5.3
debian
9 месяцев назад

A specially crafted filename containing a large number of spaces could ...

CVSS3: 5.3
github
9 месяцев назад

A specially crafted filename containing a large number of spaces could obscure the file's extension when displayed in the download dialog. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 131.

CVSS3: 4.3
fstec
9 месяцев назад

Уязвимость браузера Mozilla Firefox операционных систем Android, связанная с ложным представлением критической информации пользовательским интерфейсом, позволяющая нарушителю проводить спуфинг-атаки

EPSS

Процентиль: 31%
0.00114
Низкий