CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-46880 – Mozilla: Use-after-free in WebGL
https://notcve.org/view.php?id=CVE-2022-46880
15 Dec 2022 — A missing check related to tex units could have led to a use-after-free and potentially exploitable crash.
*Note*: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. The fix was included in the original release of Firefox 105. This vulnerability affects Firefox ESR < 102.6, Firefox < 105, and Thunderbird < 102.6. The Mozilla Foundation Security Advisory describes this flaw as: A missing check related to tex units could have led to a use-after-free and pot... • https://bugzilla.mozilla.org/show_bug.cgi?id=1749292 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-46882 – Mozilla: Use-after-free in WebGL
https://notcve.org/view.php?id=CVE-2022-46882
15 Dec 2022 — A use-after-free in WebGL extensions could have led to a potentially exploitable crash. This vulnerability affects Firefox < 107, Firefox ESR < 102.6, and Thunderbird < 102.6. The Mozilla Foundation Security Advisory describes this flaw as: A use-after-free in WebGL extensions could have led to a potentially exploitable crash. Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit t... • https://bugzilla.mozilla.org/show_bug.cgi?id=1789371 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-45404 – Mozilla: Fullscreen notification bypass
https://notcve.org/view.php?id=CVE-2022-45404
17 Nov 2022 — Through a series of popup and window.print() calls, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. A través de una serie de ventanas emergentes y llamadas window.print(), un atacante puede hacer que una ventana pase a pantalla completa sin que el usuario vea el mensaje de notificación, lo... • https://bugzilla.mozilla.org/show_bug.cgi?id=1790815 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-45408 – Mozilla: Fullscreen notification bypass via windowName
https://notcve.org/view.php?id=CVE-2022-45408
17 Nov 2022 — Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. A través de una serie de ventanas emergentes que reutilizan el nombre de la ventana, un atacante puede hacer que una ventana pase a pantalla completa sin que el usuario vea el mensaje de notificación, lo que genera una... • https://bugzilla.mozilla.org/show_bug.cgi?id=1793829 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-45409 – Mozilla: Use-after-free in Garbage Collection
https://notcve.org/view.php?id=CVE-2022-45409
17 Nov 2022 — The garbage collector could have been aborted in several states and zones and GCRuntime::finishCollection may not have been called, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. El recolector de basura podría haber sido abortado en varios estados y zonas y es posible que no se haya llamado a GCRuntime::finishCollection, lo que provocó un use after free y un bloqueo potencialment... • https://bugzilla.mozilla.org/show_bug.cgi?id=1796901 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-45403 – Mozilla: Service Workers might have learned size of cross-origin media files
https://notcve.org/view.php?id=CVE-2022-45403
17 Nov 2022 — Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined with Range requests might have allowed them to determine the presence or length of a media file. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. Los trabajadores de servicios no deberían poder inferir información sobre respuestas opacas de origen cruzado; pero la información de tiempo para medios de distintos orígenes comb... • https://bugzilla.mozilla.org/show_bug.cgi?id=1762078 • CWE-203: Observable Discrepancy CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-45405 – Mozilla: Use-after-free in InputStream implementation
https://notcve.org/view.php?id=CVE-2022-45405
17 Nov 2022 — Freeing arbitrary nsIInputStream's on a different thread than creation could have led to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. Liberar nsIInputStream arbitrarios en un hilo diferente al de creación podría haber provocado un use after free y un bloqueo potencialmente explotable. Esta vulnerabilidad afecta a Firefox ESR < 102,5, Thunderbird < 102.5 y Firefox < 107. The Mozil... • https://bugzilla.mozilla.org/show_bug.cgi?id=1791314 • CWE-416: Use After Free •
CVSS: 6.4EPSS: 0%CPEs: 3EXPL: 0CVE-2022-45418 – Mozilla: Custom mouse cursor could have been drawn over browser UI
https://notcve.org/view.php?id=CVE-2022-45418
17 Nov 2022 — If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. Si se especifica un cursor de mouse personalizado en CSS, bajo ciertas circunstancias el cursor podría haberse dibujado sobre la interfaz de usuario del navegador, lo que podría generar confusión en el usuario o ataques de suplantación d... • https://bugzilla.mozilla.org/show_bug.cgi?id=1795815 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-45421 – Mozilla: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5
https://notcve.org/view.php?id=CVE-2022-45421
16 Nov 2022 — Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Thunderbird 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs pre... • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1767920%2C1789808%2C1794061 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-45410 – Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy
https://notcve.org/view.php?id=CVE-2022-45410
16 Nov 2022 — When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec and then in browsers. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. Cuando un ServiceWorker interceptó una solicitud con FetchEvent, el origen de la solicitud se perdió después de que ServiceWorker tomó posesión... • https://bugzilla.mozilla.org/show_bug.cgi?id=1658869 • CWE-1275: Sensitive Cookie with Improper SameSite Attribute •