Denial Of Service (DoS)

2022-01-1405:55:36

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

JSON

firefox is vulnerable to denial of service. The vulnerability exists due to handling Empty Pkcs7 Sequence.

CPENameOperatorVersion
firefoxeq78.10.0__1.el7.centos
firefoxeq68.7.0__2.el8_1
firefoxeq68.6.0__1.el8_1
firefoxeq78.12.0__1.el7.centos
firefoxeq68.1.0__1.el8_0
firefoxeq78.8.0__1.el8_3
firefoxeq68.10.0__1.el8_2
firefoxeq38.2.1__1.ael7b_1
firefoxeq60.5.0__2.el7.centos
firefoxeq68.6.1__1.el7.centos

Name	Operator	Version
firefox	eq	78.10.0__1.el7.centos
firefox	eq	68.7.0__2.el8_1
firefox	eq	68.6.0__1.el8_1
firefox	eq	78.12.0__1.el7.centos
firefox	eq	68.1.0__1.el8_0
firefox	eq	78.8.0__1.el8_3
firefox	eq	68.10.0__1.el8_2
firefox	eq	38.2.1__1.ael7b_1
firefox	eq	60.5.0__2.el7.centos
firefox	eq	68.6.1__1.el7.centos