CVE-2023-6209

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-6209

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-6209.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-6209

Downstream

DEBIAN-CVE-2023-6209

DLA-3661-1

DLA-3674-1

DSA-5561-1

DSA-5566-1

OESA-2025-1322

OESA-2025-1323

RHSA-2023:7499

RHSA-2023:7500

RHSA-2023:7501

RHSA-2023:7502

RHSA-2023:7503

RHSA-2023:7504

RHSA-2023:7505

RHSA-2023:7506

RHSA-2023:7507

RHSA-2023:7508

RHSA-2023:7509

RHSA-2023:7510

RHSA-2023:7511

RHSA-2023:7512

RHSA-2023:7547

RHSA-2023:7569

RHSA-2023:7570

RHSA-2023:7573

RHSA-2023:7574

RHSA-2023:7577

SUSE-SU-2023:4588-1

SUSE-SU-2023:4912-1

SUSE-SU-2023:4928-1

SUSE-SU-2023:4929-1

UBUNTU-CVE-2023-6209

USN-6509-1

USN-6515-1

openSUSE-SU-2024:13459-1

openSUSE-SU-2024:13468-1

openSUSE-SU-2024:14572-1

Related

Published

2023-11-21T15:15:07Z

Modified

2025-08-09T20:01:26Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

Relative URLs starting with three slashes were incorrectly parsed, and a path-traversal "/../" part in the path could be used to override the specified host. This could contribute to security problems in web sites. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.

References

Affected packages