Lucene search

K

Redhat.comRH:CVE-2022-36059

HistorySep 01, 2022 - 9:54 a.m.

CVE-2022-36059

2022-09-0109:54:50

redhat.com

access.redhat.com

25

mozilla

thunderbird

denial of service

matrix chat protocol

8.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

0.0005 Low

EPSS

Percentile

18.5%

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of Thunderbird users who use the Matrix chat protocol being vulnerable to a denial of service attack. An adversary sharing a room with a user could attack affected clients, making it not show all of a user’s rooms or spaces and causing minor temporary corruption.

References

bugzilla.redhat.com/show_bug.cgi?id=2123258

nvd.nist.gov/vuln/detail/CVE-2022-36059

www.cve.org/CVERecord?id=CVE-2022-36059

www.mozilla.org/en-US/security/advisories/mfsa2022-38/#CVE-2022-36059

8.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

0.0005 Low

EPSS

Percentile

18.5%

Related for RH:CVE-2022-36059

alpinelinux1 osv7 nvd1 debiancve1 ubuntucve1 prion1 cvelist1 cve1 github2 veracode1 freebsd1 nessus21 mozilla1 openvas6 slackware1 kaspersky1 altlinux1 oraclelinux3 redhat6 rocky1 almalinux2 ubuntu1 redos1 amazon2 suse1