Back to search
CVE-2019-9804
Published: Apr 26, 2019
Modified: Aug 4, 2024
PUBLISHED
Description
In Firefox Developer Tools it is possible that pasting the result of the 'Copy as cURL' command into a command shell on macOS will cause the execution of unintended additional bash script commands if the URL was maliciously crafted. This is the result of an issue with the native version of Bash on macOS. *Note: This issue only affects macOS. Other operating systems are unaffected.*. This vulnerability affects Firefox < 66.
| Vendor | Product | Versions |
|---|---|---|
Mozilla | Firefox | affected unspecified - < 66 |
References
https://www.mozilla.org/security/advisories/mfsa2019-07/
x_refsource_MISC
https://bugzilla.mozilla.org/show_bug.cgi?id=1518026
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now