Lucene search

K
cveMozillaCVE-2022-29912
HistoryDec 22, 2022 - 8:15 p.m.

CVE-2022-29912

2022-12-2220:15:26
CWE-601
mozilla
web.nvd.nist.gov
403
4
cve-2022-29912
thunderbird
firefox esr
firefox
samesite
privacy
vulnerability
nvd

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

AI Score

7.2

Confidence

High

EPSS

0.001

Percentile

44.5%

Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.

Affected configurations

Nvd
Vulners
Node
mozillafirefoxRange<100.0
OR
mozillafirefox_esrRange<91.9
OR
mozillathunderbirdRange<91.9
VendorProductVersionCPE
mozillafirefox*cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
mozillafirefox_esr*cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
mozillathunderbird*cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "vendor": "Mozilla",
    "product": "Thunderbird",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "91.9",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Mozilla",
    "product": "Firefox ESR",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "91.9",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Mozilla",
    "product": "Firefox",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "100",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

Social References

More

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

AI Score

7.2

Confidence

High

EPSS

0.001

Percentile

44.5%