Lucene search

Debian Security Bug TrackerDEBIANCVE:CVE-2022-36317

HistoryDec 22, 2022 - 8:15 p.m.

CVE-2022-36317

2022-12-2220:15:35

Debian Security Bug Tracker

security-tracker.debian.org

denial of service

firefox

android

vulnerability

cve-2022-36317

session restore

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

35.0%

JSON

When visiting a website with an overly long URL, the user interface would start to hang. Due to session restore, this could lead to a permanent Denial of Service.<br>This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox < 103.

OSVersionArchitecturePackageVersionFilename
Debian999allfirefox< 127.0.2-1firefox_127.0.2-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	999	all	firefox	< 127.0.2-1	firefox_127.0.2-1_all.deb

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

35.0%

JSON

Related for DEBIANCVE:CVE-2022-36317