Lucene search
K

Remote Code Execution(RCE)

🗓️ 24 Jan 2023 20:59:33Reported by Veracode Vulnerability DatabaseType 
veracode
 veracode
🔗 sca.analysiscenter.veracode.com👁 23 Views

firefox is vulnerable to Remote Code Execution(RCE) due to a duplicate SystemPrincipal object creation from parsing non-system html document via DOMParser::ParseFromSafeString leading to web security bypas

Related
Detection
Refs
Vulners
Node
focalfocalMatch75.0+build3-0ubuntu1debian
AND
focalfocalMatch80.0.1+build1-0ubuntu0.20.04.1debian
AND
focalfocalMatch80.0+build2-0ubuntu0.20.04.1debian
AND
focalfocalMatch83.0+build2-0ubuntu0.20.04.1debian
AND
OR
googlebionicMatch83.0+build2-0ubuntu0.18.04.2debian
AND
googlebionicMatch92.0+build3-0ubuntu0.18.04.1debian
AND
googlebionicMatch80.0.1+build1-0ubuntu0.18.04.1debian
AND
googlebionicMatch80.0+build2-0ubuntu0.18.04.1debian
AND
googlebionicMatch59.0.2+build1-0ubuntu1debian
AND
OR
mozillafirefoxMatch83.0-1debian
AND
mozillafirefoxMatch81.0-2debian
AND
mozillafirefoxMatch82.0.3-1debian
AND

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

10 Jan 2025 19:20Current
5.8Medium risk
Vulners AI Score5.8
CVSS 3.16.5
EPSS0.00463
SSVC
23