Home > Vulnerability Database > CVE-2024-9395

Mend.io Vulnerability Database

CVE-2024-9395

Date: October 1, 2024

A specially crafted filename containing a large number of spaces could obscure the file's extension when displayed in the download dialog. This bug only affects Firefox for Android. Other versions of Firefox are unaffected. This vulnerability affects Firefox < 131.

Language: KOTLIN

Severity Score

5.3

Related Resources (4)

Url: https://www.mozilla.org/security/advisories/mfsa2024-46/

Url: https://bugzilla.mozilla.org/show_bug.cgi?id=1906024

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-9395

Url: https://www.mend.io/vulnerability-database/CVE-2024-9395

Severity Score

5.3

Weakness Type (CWE)

User Interface (UI) Misrepresentation of Critical Information

CWE-451

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	LOW
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2024-9395

Date: October 1, 2024

Language: KOTLIN

Severity Score

Related Resources (4)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?