Lucene search
Alpine Linux Development TeamALPINE:CVE-2022-29909HistoryDec 22, 2022 - 8:15 p.m.
CVE-2022-29909
2022-12-2220:15:25
Alpine Linux Development Team
security.alpinelinux.org
14
cross-origin
permissions
browsing
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
52.5%
Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | edge-community | noarch | firefox-esr | < 91.9.0-r0 | UNKNOWN |
| Alpine | edge-community | noarch | firefox | < 100.0-r0 | UNKNOWN |
| Alpine | edge-community | noarch | librewolf | < 100.0-r0 | UNKNOWN |
| Alpine | edge-community | noarch | thunderbird | < 91.9.0-r0 | UNKNOWN |
| Alpine | 3.15-community | noarch | firefox-esr | < 91.9.0-r0 | UNKNOWN |
| Alpine | 3.16-community | noarch | firefox-esr | < 91.9.0-r0 | UNKNOWN |
| Alpine | 3.16-community | noarch | firefox | < 100.0-r0 | UNKNOWN |
| Alpine | 3.16-community | noarch | thunderbird | < 91.9.0-r0 | UNKNOWN |
| Alpine | 3.17-community | noarch | firefox-esr | < 91.9.0-r0 | UNKNOWN |
| Alpine | 3.17-community | noarch | firefox | < 100.0-r0 | UNKNOWN |
Related
redhatcve
redhatcve
CVE-2022-29909
2022-05-03 20:24:31
veracode
veracode
Authentication Bypass
2022-05-07 02:03:54
prion
prion
Cross site scripting
2022-12-22 20:15:00
nvd
nvd
CVE-2022-29909
2022-12-22 20:15:25
cve
cve
CVE-2022-29909
2022-12-22 20:15:25
debiancve
debiancve
CVE-2022-29909
2022-12-22 20:15:25
cvelist
cvelist
CVE-2022-29909
2022-12-22 00:00:00
ubuntucve
ubuntucve
CVE-2022-29909
2022-05-04 00:00:00
centos
centos
firefox security update
2022-05-06 16:01:51
thunderbird security update
2022-05-06 16:02:55
nessus
nessus
Rocky Linux 8 : firefox (RLSA-2022:1705)
2023-11-07 00:00:00
RHEL 8 : firefox (RHSA-2022:1705)
2022-05-04 00:00:00
SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2022:1757-1)
2022-05-20 00:00:00
openvas
openvas
CentOS: Security Advisory for firefox (CESA-2022:1703)
2022-05-07 00:00:00
openSUSE: Security Advisory for MozillaFirefox (SUSE-SU-2022:1748-1)
2022-05-21 00:00:00
Mozilla Firefox ESR Security Advisory (MFSA2022-17) - Windows
2022-07-07 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 91.9.0-alt1
2022-05-04 00:00:00
Security fix for the ALT Linux 10 package thunderbird version 91.9.0-alt1
2022-05-04 00:00:00
osv
osv
Important: firefox security update
2022-05-04 11:04:22
firefox-esr - security update
2022-05-04 00:00:00
firefox-esr - security update
2022-05-05 00:00:00
kaspersky
kaspersky
KLA12521 Multiple vulnerabilities in Mozilla Firefox ESR
2022-05-03 00:00:00
KLA12522 Multiple vulnerabilities in Mozilla Thunderbird
2022-05-03 00:00:00
KLA12520 Multiple vulnerabilities in Mozilla Firefox
2022-05-03 00:00:00
suse
suse
Security update for MozillaFirefox (important)
2022-05-19 00:00:00
Security update for MozillaThunderbird (important)
2022-05-17 00:00:00
oraclelinux
oraclelinux
firefox security update
2022-05-04 00:00:00
firefox security update
2022-05-04 00:00:00
firefox security update
2022-06-30 00:00:00
redos
redos
ROS-20220518-01
2022-05-18 00:00:00
ROS-20220518-02
2022-05-18 00:00:00
redhat
redhat
(RHSA-2022:4590) Important: firefox security update
2022-05-18 00:11:05
(RHSA-2022:1703) Important: firefox security update
2022-05-04 11:04:20
(RHSA-2022:1704) Important: firefox security update
2022-05-04 11:04:22
mageia
mageia
Updated firefox packages fix security vulnerability
2022-05-06 23:16:39
Updated thunderbird packages fix security vulnerability
2022-05-06 23:16:39
debian
debian
[SECURITY] [DLA 2994-1] firefox-esr security update
2022-05-05 12:25:21
[SECURITY] [DSA 5129-1] firefox-esr security update
2022-05-04 18:03:17
[SECURITY] [DSA 5141-1] thunderbird security update
2022-05-19 21:12:58
almalinux
almalinux
Important: firefox security update
2022-05-04 11:04:22
Important: thunderbird security update
2022-05-05 13:32:08
rocky
rocky
firefox security update
2022-05-04 11:04:22
thunderbird security update
2022-05-05 13:32:08
mozilla
mozilla
Security Vulnerabilities fixed in Firefox ESR 91.9 — Mozilla
2022-05-03 00:00:00
Security Vulnerabilities fixed in Thunderbird 91.9 — Mozilla
2022-05-03 00:00:00
Security Vulnerabilities fixed in Firefox 100 — Mozilla
2022-05-03 00:00:00
archlinux
archlinux
[ASA-202205-4] firefox: multiple issues
2022-05-16 00:00:00
[ASA-202205-3] thunderbird: multiple issues
2022-05-16 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2022-05-11 00:00:00
Thunderbird vulnerabilities
2022-05-25 00:00:00
ibm
ibm
gentoo
gentoo
Mozilla Firefox: Multiple Vulnerabilities
2022-08-10 00:00:00
Mozilla Thunderbird: Multiple Vulnerabilities
2022-08-10 00:00:00
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
52.5%
Related for ALPINE:CVE-2022-29909