Lucene search
Veracode Vulnerability DatabaseVERACODE:35793HistoryJun 01, 2022 - 3:40 p.m.
Path Traversal
2022-06-0115:40:22
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
25
0.002 Low
EPSS
Percentile
52.6%
firefox is vulnerable to Path Traversal. A remote attacker is able to use the % character in filenames to store the data outside of the intended directory using windows environment variables, such as %HOMEPATH% or %APPDATA%.
References
bugzilla.mozilla.org/show_bug.cgi?id=1765049
secdb.alpinelinux.org/edge/community.yaml
secdb.alpinelinux.org/v3.15/community.yaml
secdb.alpinelinux.org/v3.16/community.yaml
www.mozilla.org/security/advisories/mfsa2022-20/
www.mozilla.org/security/advisories/mfsa2022-21/
www.mozilla.org/security/advisories/mfsa2022-22/
Related
cve
cve
CVE-2022-31739
2022-12-22 20:15:28
alpinelinux
alpinelinux
CVE-2022-31739
2022-12-22 20:15:28
debiancve
debiancve
CVE-2022-31739
2022-12-22 20:15:28
ubuntucve
ubuntucve
CVE-2022-31739
2022-12-22 00:00:00
prion
prion
Code injection
2022-12-22 20:15:00
nvd
nvd
CVE-2022-31739
2022-12-22 20:15:28
cvelist
cvelist
CVE-2022-31739
2022-12-22 00:00:00
redhatcve
redhatcve
CVE-2022-31739
2022-05-31 14:53:00
nessus
nessus
SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2022:1921-1)
2022-06-04 00:00:00
Mozilla Firefox ESR < 91.10
2022-05-31 00:00:00
SUSE SLES15 Security Update : MozillaFirefox (SUSE-SU-2022:1927-1)
2022-06-03 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:1920-1)
2022-06-03 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:1927-1)
2022-06-03 00:00:00
Mozilla Firefox ESR Security Advisory (MFSA2022-21) - Windows
2022-07-07 00:00:00
slackware
slackware
[slackware-security] mozilla-firefox
2022-06-01 00:53:57
[slackware-security] mozilla-thunderbird
2022-06-02 19:43:23
kaspersky
kaspersky
KLA12546 Multiple vulnerabilities in Mozilla Firefox ESR
2022-05-31 00:00:00
KLA12547 Multiple vulnerabilities in Mozilla Thunderbird
2022-05-31 00:00:00
KLA12545 Multiple vulnerabilities in Mozilla Firefox
2022-05-31 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 91.10.0-alt1
2022-06-03 00:00:00
Security fix for the ALT Linux 10 package thunderbird version 91.10.0-alt1
2022-06-03 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Firefox ESR 91.10 — Mozilla
2022-05-31 00:00:00
Security Vulnerabilities fixed in Thunderbird 91.10 — Mozilla
2022-05-31 00:00:00
Security Vulnerabilities fixed in Firefox 101 — Mozilla
2022-05-31 00:00:00
suse
suse
Security update for MozillaFirefox (important)
2022-06-02 00:00:00
Security update for MozillaThunderbird (important)
2022-06-13 00:00:00
