Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Remote Code Execution (RCE)

🗓️ 11 Feb 2022 19:16:52Reported by Veracode Vulnerability DatabaseType 
veracode
 veracode🔗 sca.analysiscenter.veracode.com👁 46 Views

firefox RCE vulnerability due to same-origin policy lack of validation with XSL transform

Related
Detection
Refs
ReporterTitlePublishedViews
Family
AlpineLinux		CVE-2022-22755
22 Dec 202200:00
alpinelinux
AstraLinux		 Astra Linux - уязвимость в firefox
20 May 202605:53
astralinux
CNNVD		Mozilla Firefox 安全漏洞
8 Feb 202200:00
cnnvd
CNVD		Mozilla Firefox Resource Misuse Vulnerability
30 Dec 202200:00
cnvd
CVE		CVE-2022-22755
22 Dec 202200:00
cve
Cvelist		CVE-2022-22755
22 Dec 202200:00
cvelist
Debian CVE		CVE-2022-22755
22 Dec 202200:00
debiancve
EUVD		EUVD-2022-27898
3 Oct 202520:07
euvd
Tenable Nessus		GLSA-202202-03 : Mozilla Firefox: Multiple vulnerabilities
17 Mar 202200:00
nessus
Tenable Nessus		Mozilla Firefox < 97.0
8 Feb 202200:00
nessus
Rows per page
Vulners
Node
mozillafirefoxMatch82.0.3-1debian
AND
mozillafirefoxMatch81.0-2debian
AND
mozillafirefoxMatch83.0-1debian
AND
debiandebian_linuxMatch999
OR
mozillafirefoxMatch74.0.1-r0os
AND
mozillafirefoxMatch75.0-r1os
AND
mozillafirefoxMatch87.0-r0os
AND
mozillafirefoxMatch89.0-r0os
AND
mozillafirefoxMatch74.0-r1os
AND
mozillafirefoxMatch94.0-r0os
AND
mozillafirefoxMatch75.0-r2os
AND
mozillafirefoxMatch90.0.2-r0os
AND
mozillafirefoxMatch90.0-r0os
AND
mozillafirefoxMatch76.0.1-r1os
AND
mozillafirefoxMatch76.0-r0os
AND
mozillafirefoxMatch76.0.1-r0os
AND
mozillafirefoxMatch85.0.2-r0os
AND
mozillafirefoxMatch88.0-r0os
AND
mozillafirefoxMatch85.0.2-r1os
AND
mozillafirefoxMatch89.0.1-r1os
AND
mozillafirefoxMatch89.0.2-r0os
AND
mozillafirefoxMatch94.0.2-r0os
AND
mozillafirefoxMatch95.0-r0os
AND
mozillafirefoxMatch73.0.1-r1os
AND
mozillafirefoxMatch89.0.1-r0os
AND
mozillafirefoxMatch93.0-r1os
AND
mozillafirefoxMatch88.0.1-r0os
AND
mozillafirefoxMatch95.0.1-r0os
AND
alpinelinuxalpine_linuxMatchedge
OR
googlebionicMatch80.0.1+build1-0ubuntu0.18.04.1debian
AND
googlebionicMatch83.0+build2-0ubuntu0.18.04.2debian
AND
googlebionicMatch59.0.2+build1-0ubuntu1debian
AND
googlebionicMatch92.0+build3-0ubuntu0.18.04.1debian
AND
googlebionicMatch80.0+build2-0ubuntu0.18.04.1debian
AND
debiandebian_linux
OR
focalfocalMatch80.0.1+build1-0ubuntu0.20.04.1debian
AND
focalfocalMatch75.0+build3-0ubuntu1debian
AND
focalfocalMatch83.0+build2-0ubuntu0.20.04.1debian
AND
focalfocalMatch80.0+build2-0ubuntu0.20.04.1debian
AND
debiandebian_linux
OR
develdevelMatch86.0+build3-0ubuntu1debian
AND
develdevelMatch83.0+build2-0ubuntu1debian
AND
develdevelMatch78.0.1+build1-0ubuntu1debian
AND
develdevelMatch80.0.1+build1-0ubuntu1debian
AND
develdevelMatch81.0+build1-0ubuntu1debian
AND
debiandebian_linux

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
30 Dec 2022 01:20Current
2.7Low risk
Vulners AI Score2.7
CVSS 3.18.8
EPSS0.00718
firefoxremote code executionrcesame-origin policyvalidationxsl transformsjavascriptvulnerability
46