Lucene search
Veracode Vulnerability DatabaseVERACODE:37371HistoryOct 01, 2022 - 6:51 p.m.
Unauthorized Settings
2022-10-0118:51:15
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
firefox
vulnerability
mozilla
csp
base-uri
html element
0.001 Low
EPSS
Percentile
40.0%
firefox is vulnerable to authorized settings. The vulnerability exists due to a flaw in Mozilla which ignores the CSP’s base-uri settings and accept the injected element’s base when injecting an HTML base element.
Related
cvelist
cvelist
CVE-2022-40956
2022-12-22 00:00:00
prion
prion
Hardcoded credentials
2022-12-22 20:15:00
debiancve
debiancve
CVE-2022-40956
2022-12-22 20:15:38
cve
cve
CVE-2022-40956
2022-12-22 20:15:38
ubuntucve
ubuntucve
CVE-2022-40956
2022-09-28 00:00:00
nvd
nvd
CVE-2022-40956
2022-12-22 20:15:38
alpinelinux
alpinelinux
CVE-2022-40956
2022-12-22 20:15:38
redhatcve
redhatcve
CVE-2022-40956
2022-09-21 14:19:17
openvas
openvas
Mageia: Security Advisory (MGASA-2022-0347)
2022-09-26 00:00:00
Mageia: Security Advisory (MGASA-2022-0344)
2022-09-22 00:00:00
Mozilla Firefox ESR Security Advisory (MFSA2022-41) - Mac OS X
2022-09-21 00:00:00
mageia
mageia
Updated firefox packages fix security vulnerabilities
2022-09-21 21:15:27
Updated thunderbird packages fix security vulnerabilities
2022-09-26 09:22:36
debian
debian
[SECURITY] [DLA 3123-1] thunderbird security update
2022-09-27 21:09:23
[SECURITY] [DLA 3121-1] firefox-esr security update
2022-09-26 19:09:19
[SECURITY] [DSA 5237-1] firefox-esr security update
2022-09-23 08:38:59
nessus
nessus
Oracle Linux 9 : firefox (ELSA-2022-6700)
2022-09-28 00:00:00
RHEL 9 : firefox (RHSA-2022:6700)
2022-09-26 00:00:00
RHEL 8 : firefox (RHSA-2022:6703)
2022-09-26 00:00:00
oraclelinux
oraclelinux
firefox security update
2022-09-28 00:00:00
firefox security update
2022-10-27 00:00:00
firefox security update
2022-09-28 00:00:00
rocky
rocky
firefox security update
2022-09-26 13:37:58
thunderbird security update
2022-09-26 13:56:07
almalinux
almalinux
Important: firefox security update
2022-09-26 00:00:00
Important: firefox security update
2022-09-26 00:00:00
Important: thunderbird security update
2022-09-26 00:00:00
osv
osv
Important: firefox security update
2022-09-26 00:00:00
Important: firefox security update
2022-09-26 00:00:00
Important: firefox security update
2022-09-26 13:37:58
redhat
redhat
(RHSA-2022:6707) Important: firefox security update
2022-09-26 13:49:21
(RHSA-2022:6701) Important: firefox security update
2022-09-26 13:35:54
(RHSA-2022:6703) Important: firefox security update
2022-09-26 13:38:49
gentoo
gentoo
Mozilla Firefox: Multiple Vulnerabilities
2022-09-29 00:00:00
Mozilla Thunderbird: Multiple Vulnerabilities
2022-09-29 00:00:00
slackware
slackware
[slackware-security] mozilla-firefox
2022-09-20 22:59:20
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 102.3.0-alt1
2022-10-10 00:00:00
Security fix for the ALT Linux 10 package thunderbird version 102.3.0-alt1
2022-10-09 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2022-09-30 00:00:00
Thunderbird vulnerabilities
2022-11-11 00:00:00
kaspersky
kaspersky
KLA19257 Multiple vulnerabilities in Mozilla Firefox ESR
2022-09-20 00:00:00
KLA19258 Multiple vulnerabilities in Mozilla Thunderbird
2022-09-20 00:00:00
KLA19256 Multiple vulnerabilities in Mozilla Firefox
2022-09-20 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Firefox ESR 102.3 — Mozilla
2022-09-20 00:00:00
Security Vulnerabilities fixed in Thunderbird 102.3 — Mozilla
2022-09-20 00:00:00
Security Vulnerabilities fixed in Firefox 105 — Mozilla
2022-09-20 00:00:00
malwarebytes
malwarebytes
ibm
ibm
suse
suse
Security update for MozillaThunderbird (important)
2022-10-27 00:00:00
Security update for MozillaFirefox (important)
2022-09-26 00:00:00
redos
redos
ROS-20221007-05
2022-10-07 00:00:00
ROS-20221007-04
2022-10-07 00:00:00
amazon
amazon
Important: thunderbird
2022-12-01 20:32:00
Important: thunderbird
2022-12-01 20:32:00
photon
photon
Critical Photon OS Security Update - PHSA-2023-5.0-0035
2023-06-22 00:00:00