Bug 1831764 (CVE-2020-12392) - CVE-2020-12392 Mozilla: Arbitrary local file access with 'Copy as cURL'
Summary: CVE-2020-12392 Mozilla: Arbitrary local file access with 'Copy as cURL'
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2020-12392
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1828972 1828973 1828974 1828975 1828976 1828977 1828978 1831592 1831593 1831594 1831595 1831596 1831597 1831598
Blocks: 1828970
TreeView+ depends on / blocked
 
Reported: 2020-05-05 15:14 UTC by msiddiqu
Modified: 2021-02-16 20:06 UTC (History)
5 users (show)

Fixed In Version: firefox 68.8, thunderbird 68.8.0
Doc Type: If docs needed, set a value
Doc Text:
The Mozilla Foundation Security Advisory describes this flaw as: The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in the disclosure of local files.
Clone Of:
Environment:
Last Closed: 2020-05-06 10:32:03 UTC


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2020:2031 0 None None None 2020-05-06 08:43:53 UTC
Red Hat Product Errata RHSA-2020:2032 0 None None None 2020-05-06 08:27:15 UTC
Red Hat Product Errata RHSA-2020:2033 0 None None None 2020-05-06 08:10:55 UTC
Red Hat Product Errata RHSA-2020:2036 0 None None None 2020-05-06 10:45:24 UTC
Red Hat Product Errata RHSA-2020:2037 0 None None None 2020-05-06 10:42:13 UTC
Red Hat Product Errata RHSA-2020:2046 0 None None None 2020-05-11 09:25:21 UTC
Red Hat Product Errata RHSA-2020:2047 0 None None None 2020-05-11 09:05:47 UTC
Red Hat Product Errata RHSA-2020:2048 0 None None None 2020-05-11 08:54:46 UTC
Red Hat Product Errata RHSA-2020:2049 0 None None None 2020-05-11 09:34:42 UTC
Red Hat Product Errata RHSA-2020:2050 0 None None None 2020-05-11 09:51:14 UTC

Description msiddiqu 2020-05-05 15:14:44 UTC
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in the disclosure of local files.



External Reference:

https://www.mozilla.org/en-US/security/advisories/mfsa2020-17/#CVE-2020-12392

Comment 1 msiddiqu 2020-05-05 15:14:48 UTC
Acknowledgments:

Name: the Mozilla project
Upstream: Ophir LOJKINE

Comment 2 errata-xmlrpc 2020-05-06 08:10:52 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions

Via RHSA-2020:2033 https://access.redhat.com/errata/RHSA-2020:2033

Comment 3 errata-xmlrpc 2020-05-06 08:27:13 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Extended Update Support

Via RHSA-2020:2032 https://access.redhat.com/errata/RHSA-2020:2032

Comment 4 errata-xmlrpc 2020-05-06 08:43:50 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2020:2031 https://access.redhat.com/errata/RHSA-2020:2031

Comment 5 Product Security DevOps Team 2020-05-06 10:32:03 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2020-12392

Comment 6 errata-xmlrpc 2020-05-06 10:42:11 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2020:2037 https://access.redhat.com/errata/RHSA-2020:2037

Comment 7 errata-xmlrpc 2020-05-06 10:45:20 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2020:2036 https://access.redhat.com/errata/RHSA-2020:2036

Comment 8 errata-xmlrpc 2020-05-11 08:54:43 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions

Via RHSA-2020:2048 https://access.redhat.com/errata/RHSA-2020:2048

Comment 9 errata-xmlrpc 2020-05-11 09:05:44 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Extended Update Support

Via RHSA-2020:2047 https://access.redhat.com/errata/RHSA-2020:2047

Comment 10 errata-xmlrpc 2020-05-11 09:25:19 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2020:2046 https://access.redhat.com/errata/RHSA-2020:2046

Comment 11 errata-xmlrpc 2020-05-11 09:34:40 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2020:2049 https://access.redhat.com/errata/RHSA-2020:2049

Comment 12 errata-xmlrpc 2020-05-11 09:51:11 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2020:2050 https://access.redhat.com/errata/RHSA-2020:2050


Note You need to log in before you can comment on or make changes to this bug.