CVE-2022-22744: Improper Encoding or Escaping of Output in Mozilla Firefox

Severity: 8.8 HIGH (NVD)
EPSS: 0.4% (top 36.63%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 22

Description

The constructed curl command from the "Copy as curl" feature in DevTools was not properly escaped for PowerShell. This could have led to command injection if pasted into a PowerShell prompt. (This bug only affects Thunderbird for Windows. Other operating systems are unaffected.) This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (Exploitability: 2.8 | Impact: 5.9)

Affected Packages (6 packages)

Source | Package | Introduced | Fixed
CVEListV5 | mozilla/firefox | unspecified | 96
NVD | mozilla/firefox | < 96.0
CVEListV5 | mozilla/firefox_esr | unspecified | 91.5
CVEListV5 | mozilla/thunderbird | unspecified | 91.5

🔴 Vulnerability Details (3)

GHSA: GHSA-4989-6q5w-wjgw: The constructed curl command from the "Copy as curl" feature in DevTools was not properly escaped for PowerShell (2022-12-22)
OSV: CVE-2022-22744: The constructed curl command from the "Copy as curl" feature in DevTools was not properly escaped for PowerShell (2022-12-22)
CVEList: CVE-2022-22744: The constructed curl command from the "Copy as curl" feature in DevTools was not properly escaped for PowerShell (2022-12-22)

📋 Vendor Advisories (5)

Red Hat: Mozilla: The 'Copy as curl' feature in DevTools did not fully escape website-controlled data, potentially leading to command injection (2022-01-11)
Debian: CVE-2022-22744: firefox - The constructed curl command from the "Copy as curl" feature in DevTools was not... (2022)
Mozilla: Mozilla Foundation Security Advisory 2022-03: CVE-2022-22744
Mozilla: Mozilla Foundation Security Advisory 2022-02: CVE-2022-22744
Mozilla: Mozilla Foundation Security Advisory 2022-01: CVE-2022-22744
CVE-2022-22744 — Mozilla Firefox vulnerability | cvebase