CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-46882 – Mozilla: Use-after-free in WebGL
https://notcve.org/view.php?id=CVE-2022-46882
A use-after-free in WebGL extensions could have led to a potentially exploitable crash. This vulnerability affects Firefox < 107, Firefox ESR < 102.6, and Thunderbird < 102.6. The Mozilla Foundation Security Advisory describes this flaw as: A use-after-free in WebGL extensions could have led to a potentially exploitable crash. • https://bugzilla.mozilla.org/show_bug.cgi?id=1789371 https://security.gentoo.org/glsa/202305-06 https://security.gentoo.org/glsa/202305-13 https://www.mozilla.org/security/advisories/mfsa2022-47 https://www.mozilla.org/security/advisories/mfsa2022-52 https://www.mozilla.org/security/advisories/mfsa2022-53 https://access.redhat.com/security/cve/CVE-2022-46882 https://bugzilla.redhat.com/show_bug.cgi?id=2153467 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-45408 – Mozilla: Fullscreen notification bypass via windowName
https://notcve.org/view.php?id=CVE-2022-45408
Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. A través de una serie de ventanas emergentes que reutilizan el nombre de la ventana, un atacante puede hacer que una ventana pase a pantalla completa sin que el usuario vea el mensaje de notificación, lo que genera una posible confusión del usuario o ataques de suplantación de identidad. Esta vulnerabilidad afecta a Firefox ESR < 102,5, Thunderbird < 102.5 y Firefox < 107. The Mozilla Foundation Security Advisory describes this flaw as: Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. • https://bugzilla.mozilla.org/show_bug.cgi?id=1793829 https://www.mozilla.org/security/advisories/mfsa2022-47 https://www.mozilla.org/security/advisories/mfsa2022-48 https://www.mozilla.org/security/advisories/mfsa2022-49 https://access.redhat.com/security/cve/CVE-2022-45408 https://bugzilla.redhat.com/show_bug.cgi?id=2143201 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-45409 – Mozilla: Use-after-free in Garbage Collection
https://notcve.org/view.php?id=CVE-2022-45409
The garbage collector could have been aborted in several states and zones and <code>GCRuntime::finishCollection</code> may not have been called, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. El recolector de basura podría haber sido abortado en varios estados y zonas y es posible que no se haya llamado a <code>GCRuntime::finishCollection</code>, lo que provocó un use after free y un bloqueo potencialmente explotable. Esta vulnerabilidad afecta a Firefox ESR < 102,5, Thunderbird < 102.5 y Firefox < 107. The Mozilla Foundation Security Advisory describes this flaw as: The garbage collector could have been aborted in several states and zones and GCRuntime::finishCollection may not have been called, leading to a use-after-free and potentially exploitable crash. • https://bugzilla.mozilla.org/show_bug.cgi?id=1796901 https://www.mozilla.org/security/advisories/mfsa2022-47 https://www.mozilla.org/security/advisories/mfsa2022-48 https://www.mozilla.org/security/advisories/mfsa2022-49 https://access.redhat.com/security/cve/CVE-2022-45409 https://bugzilla.redhat.com/show_bug.cgi?id=2143202 • CWE-416: Use After Free •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-45418 – Mozilla: Custom mouse cursor could have been drawn over browser UI
https://notcve.org/view.php?id=CVE-2022-45418
If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. Si se especifica un cursor de mouse personalizado en CSS, bajo ciertas circunstancias el cursor podría haberse dibujado sobre la interfaz de usuario del navegador, lo que podría generar confusión en el usuario o ataques de suplantación de identidad. Esta vulnerabilidad afecta a Firefox ESR < 102,5, Thunderbird < 102.5 y Firefox < 107. The Mozilla Foundation Security Advisory describes this flaw as: If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks. • https://bugzilla.mozilla.org/show_bug.cgi?id=1795815 https://www.mozilla.org/security/advisories/mfsa2022-47 https://www.mozilla.org/security/advisories/mfsa2022-48 https://www.mozilla.org/security/advisories/mfsa2022-49 https://access.redhat.com/security/cve/CVE-2022-45418 https://bugzilla.redhat.com/show_bug.cgi?id=2143241 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-45403 – Mozilla: Service Workers might have learned size of cross-origin media files
https://notcve.org/view.php?id=CVE-2022-45403
Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined with Range requests might have allowed them to determine the presence or length of a media file. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. Los trabajadores de servicios no deberían poder inferir información sobre respuestas opacas de origen cruzado; pero la información de tiempo para medios de distintos orígenes combinada con solicitudes de rango podría haberles permitido determinar la presencia o la longitud de un archivo multimedia. Esta vulnerabilidad afecta a Firefox ESR < 102,5, Thunderbird < 102.5 y Firefox < 107. The Mozilla Foundation Security Advisory describes this flaw as: Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined with Range requests might have allowed them to determine the presence or length of a media file. • https://bugzilla.mozilla.org/show_bug.cgi?id=1762078 https://www.mozilla.org/security/advisories/mfsa2022-47 https://www.mozilla.org/security/advisories/mfsa2022-48 https://www.mozilla.org/security/advisories/mfsa2022-49 https://access.redhat.com/security/cve/CVE-2022-45403 https://bugzilla.redhat.com/show_bug.cgi?id=2143197 • CWE-203: Observable Discrepancy CWE-829: Inclusion of Functionality from Untrusted Control Sphere •