Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-pc79-pjx7-pq9h

GitHub Security Advisory

⚠ Unreviewed CRITICAL Has CVE
View on GitHub

Advisory Details

A newline in a filename could have been used to bypass the file extension security mechanisms that replace malicious file extensions such as .lnk with .download. This could have led to accidental execution of malicious code.

*This bug only affects Firefox and Thunderbird on Windows. Other versions of Firefox and Thunderbird are unaffected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10.

Related CVEs

CVE-2023-29542

Key Information

GHSA ID
GHSA-pc79-pjx7-pq9h
Published
June 19, 2023 12:30 PM
Last Modified
April 4, 2024 4:56 AM
CVSS Score
9.0 /10
Primary Ecosystem
Unknown
Primary Package
Unknown
GitHub Reviewed
✗ No

Dataset

Last updated: September 15, 2025 6:32 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.