CVE-2022-46874
CVSS v3.1
8.8 (High)
EPSS
1.10 % (85th)
Affected Products
3
Advisories
36
A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could potentially led to user confusion and the execution of malicious code.<br/>Note: This issue was originally included in the advisories for Thunderbird 102.6, but a patch (specific to Thunderbird) was omitted, resulting in it actually being fixed in Thunderbird 102.6.1. This vulnerability affects Firefox < 108, Thunderbird < 102.6.1, Thunderbird < 102.6, and Firefox ESR < 102.6.
Weaknesses
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2022-12-22 20:15:46
(21 months ago) - Updated Date
-
2023-05-03 12:16:32
(16 months ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...