CVE-2022-31740 – Mozilla: Register allocation problem in WASM on arm64
02 Jun 2022 — On arm64, WASM code could have resulted in incorrect assembly generation leading to a register allocation problem, and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10. • https://bugzilla.mozilla.org/show_bug.cgi?id=1766806 • CWE-770: Allocation of Resources Without Limits or Throttling

CVE-2022-31738 – Mozilla: Browser window spoof using fullscreen mode
02 Jun 2022 — When exiting fullscreen mode, an iframe could have confused the browser about the current state of fullscreen, resulting in potential user confusion or spoofing attacks. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10. • https://bugzilla.mozilla.org/show_bug.cgi?id=1756388 • CWE-290: Authentication Bypass by Spoofing • CWE-1021: Improper Restriction of Rendered UI Layers or Frames

CVE-2022-1802 – Mozilla Firefox Top-Level Await Prototype Pollution Remote Code Execution Vulnerability
25 May 2022 — If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1. • https://github.com/mistymntncop/CVE-2022-1802 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CVE-2022-1529 – Mozilla Firefox Improper Input Validation Sandbox Escape Vulnerability
24 May 2022 — An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype pollution and ultimately attacker-controlled JavaScript executing in the privileged parent process. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1. • https://bugzilla.mozilla.org/show_bug.cgi?id=1770048 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CVE-2022-29915 – Gentoo Linux Security Advisory 202208-08
11 May 2022 — The Performance API did not properly hide whether a requested cross-origin resource has observed redirects. This vulnerability affects Firefox < 100. Multiple security issues were discovered in Firefox. • https://bugzilla.mozilla.org/show_bug.cgi?id=1751678

CVE-2022-29911 – Mozilla: iframe Sandbox bypass
04 May 2022 — An improper implementation of the new iframe sandbox keyword allow-top-navigation-by-user-activation could lead to script execution without allow-scripts being present. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100. • https://bugzilla.mozilla.org/show_bug.cgi?id=1761981 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames

CVE-2022-29912 – Mozilla: Reader mode bypassed SameSite cookies
04 May 2022 — Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100. A flaw was found in Mozilla. • https://bugzilla.mozilla.org/show_bug.cgi?id=1692655 • CWE-565: Reliance on Cookies without Validation and Integrity Checking • CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

CVE-2022-29917 – Mozilla: Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9
04 May 2022 — Mozilla developers Andrew McCreight, Gabriele Svelto, Tom Ritter and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99 and Firefox ESR 91.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1684739%2C1706441%2C1753298%2C1762614%2C1762620%2C1764778 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') • CWE-787: Out-of-bounds Write

CVE-2022-29909 – Mozilla: Bypassing permission prompt in nested browsing contexts
04 May 2022 — Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100. • https://bugzilla.mozilla.org/show_bug.cgi?id=1755081 • CWE-276: Incorrect Default Permissions • CWE-281: Improper Preservation of Permissions

CVE-2022-29914 – Mozilla: Fullscreen notification bypass using popups
04 May 2022 — When reusing existing popups Firefox would have allowed them to cover the fullscreen notification UI, which could have enabled browser spoofing attacks. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100. • https://bugzilla.mozilla.org/show_bug.cgi?id=1746448 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames