VYPR
Unrated severityNVD Advisory· Published Jun 19, 2023· Updated Dec 11, 2024

CVE-2023-29545

CVE-2023-29545

Description

Similar to CVE-2023-28163, this time when choosing 'Save Link As', suggested filenames containing environment variable names would have resolved those in the context of the current user.

*This bug only affects Firefox and Thunderbird on Windows. Other versions of Firefox and Thunderbird are unaffected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

36

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.