CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 5CVE-2022-28281 – Mozilla: Out of bounds write due to unexpected WebAuthN Extensions
https://notcve.org/view.php?id=CVE-2022-28281
08 Apr 2022 — If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of bounds write would have occurred leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8. Si un proceso de contenido comprometido envió una cantidad inesperada de extensiones WebAuthN en un comando de registro al proceso principal, se habría producido una escritura fuera de los lí... • https://github.com/0vercl0k/CVE-2022-28281 • CWE-787: Out-of-bounds Write •
CVSS: 7.6EPSS: 0%CPEs: 3EXPL: 1CVE-2022-26387 – Mozilla: Time-of-check time-of-use bug when verifying add-on signatures
https://notcve.org/view.php?id=CVE-2022-26387
11 Mar 2022 — When installing an add-on, Firefox verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Firefox would not have noticed. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7. Al instalar un complemento, Firefox verificaba la firma antes de avisar al usuario; pero mientras el usuario confirmaba el mensaje, el archivo complementario subyacente podría haberse modificado y Firefox no ... • https://bugzilla.mozilla.org/show_bug.cgi?id=1752979 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-26383 – Mozilla: Browser window spoof using fullscreen mode
https://notcve.org/view.php?id=CVE-2022-26383
11 Mar 2022 — When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7. Al cambiar el tamaño de una ventana emergente después de solicitar acceso a pantalla completa, la ventana emergente no mostraba la notificación en pantalla completa. Esta vulnerabilidad afecta a Firefox < 98, Firefox ESR < 91,7 y Thunderbird < 91.7. A flaw was found in Mozilla. • https://bugzilla.mozilla.org/show_bug.cgi?id=1742421 • CWE-449: The UI Performs the Wrong Action •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 1CVE-2022-26384 – Mozilla: iframe allow-scripts sandbox bypass
https://notcve.org/view.php?id=CVE-2022-26384
11 Mar 2022 — If an attacker could control the contents of an iframe sandboxed with allow-popups but not allow-scripts, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7. Si un atacante pudiera controlar el contenido de un iframe en un espacio aislado con allow-popups pero no con allow-scripts, podría crear un enlace que, a... • https://bugzilla.mozilla.org/show_bug.cgi?id=1744352 • CWE-179: Incorrect Behavior Order: Early Validation •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-0843 – Ubuntu Security Notice USN-5321-2
https://notcve.org/view.php?id=CVE-2022-0843
11 Mar 2022 — Mozilla developers Kershaw Chang, Ryan VanderMeulen, and Randell Jesup reported memory safety bugs present in Firefox 97. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 98. Los desarrolladores de Mozilla, Kershaw Chang, Ryan VanderMeulen y Randell Jesup, informaron sobre errores de seguridad de la memoria presentes en Firefox 97. Algunos de estos errores mostrar... • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1746523%2C1749062%2C1749164%2C1749214%2C1749610%2C1750032%2C1752100%2C1752405%2C1753612%2C1754508 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 1CVE-2022-26381 – Mozilla Firefox textPath Element Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-26381
09 Mar 2022 — An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7. Un atacante podría haber provocado un use-after-free al forzar un reflujo de texto en un objeto SVG, lo que provocó un bloqueo potencialmente explotable. Esta vulnerabilidad afecta a Firefox < 98, Firefox ESR < 91,7 y Thunderbird < 91.7. The Mozilla Foundation Security Advisory descri... • https://bugzilla.mozilla.org/show_bug.cgi?id=1736243 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 2%CPEs: 5EXPL: 2CVE-2022-26485 – Mozilla Firefox Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2022-26485
07 Mar 2022 — Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. La eliminación de un parámetro XSLT durante el procesamiento podría haber dado lugar a un use-after-free explotable. Hemos recibido informes de ataques en la naturaleza que abusan de esta falla. • https://github.com/mistymntncop/CVE-2022-26485 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 1%CPEs: 5EXPL: 2CVE-2022-26486 – Mozilla Firefox Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2022-26486
07 Mar 2022 — An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. Un mensaje inesperado en el framework IPC de WebGPU podría provocar un escape de la sandbox explotable y de use-after-free. Hemos recibido informes de ataques en la naturaleza que abusan de esta fal... • https://bugzilla.mozilla.org/show_bug.cgi?id=1758070 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-22761 – Mozilla: frame-ancestors Content Security Policy directive was not enforced for framed extension pages
https://notcve.org/view.php?id=CVE-2022-22761
14 Feb 2022 — Web-accessible extension pages (pages with a moz-extension:// scheme) were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension's Content Security Policy. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6. Las páginas de extensión accesibles desde la web (páginas con un esquema moz-extension://) no aplicaban correctamente la directiva frame-ancestors cuando se usaba en la Política de seguridad de contenido de la extensión web. Esta vul... • https://bugzilla.mozilla.org/show_bug.cgi?id=1745566 • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-22757 – Ubuntu Security Notice USN-5284-1
https://notcve.org/view.php?id=CVE-2022-22757
14 Feb 2022 — Remote Agent, used in WebDriver, did not validate the Host or Origin headers. This could have allowed websites to connect back locally to the user's browser to control it. <br>*This bug only affected Firefox when WebDriver was enabled, which is not the default configuration.*. This vulnerability affects Firefox < 97. El agente remoto, utilizado en WebDriver, no validó los encabezados Host u Origin. • https://bugzilla.mozilla.org/show_bug.cgi?id=1720098 • CWE-346: Origin Validation Error •