Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2023-37206

Опубликовано: 05 июл. 2023
Источник: ubuntu
Приоритет: medium
CVSS3: 6.5

Описание

Uploading files which contain symlinks may have allowed an attacker to trick a user into submitting sensitive data to a malicious website. This vulnerability affects Firefox < 115.

РелизСтатусПримечание
bionic

ignored

end of standard support
devel

not-affected

code not present
esm-infra/focal

DNE

focal

released

115.0+build2-0ubuntu0.20.04.3
jammy

not-affected

code not present
kinetic

ignored

end of life, was needs-triage
lunar

not-affected

code not present
trusty

ignored

end of standard support
upstream

released

115.0-1
xenial

ignored

end of standard support

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support
devel

not-affected

esm-infra/focal

DNE

focal

not-affected

jammy

not-affected

kinetic

ignored

end of life, was needed
lunar

not-affected

trusty

ignored

end of standard support
upstream

needs-triage

xenial

ignored

end of standard support

Показывать по

Ссылки на источники

6.5 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2023-37206

CVSS3: 6.5
nvd
больше 2 лет назад

Uploading files which contain symlinks may have allowed an attacker to trick a user into submitting sensitive data to a malicious website. This vulnerability affects Firefox < 115.

debian логотип

CVE-2023-37206

CVSS3: 6.5
debian
больше 2 лет назад

Uploading files which contain symlinks may have allowed an attacker to ...

github логотип

GHSA-gwxw-rj4r-jxqv

CVSS3: 6.5
github
больше 2 лет назад

Uploading files which contain symlinks may have allowed an attacker to trick a user into submitting sensitive data to a malicious website. This vulnerability affects Firefox < 115.

fstec логотип

BDU:2024-06933

CVSS3: 6.5
fstec
почти 3 года назад

Уязвимость веб-браузера Firefox, связанная с неверным определением символических ссылок перед доступом к файлу, позволяющая нарушителю получить доступ к конфиденциальным данным

suse-cvrf логотип

SUSE-SU-2023:2886-1

suse-cvrf
больше 2 лет назад

Security update for MozillaFirefox, MozillaFirefox-branding-SLE

6.5 Medium

CVSS3