CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 1CVE-2022-1802 – Mozilla Firefox Top-Level Await Prototype Pollution Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-1802
If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1. Si un atacante pudo corromper los métodos de un objeto Array en JavaScript mediante la contaminación de prototipos, podría haber logrado la ejecución del código JavaScript controlado por el atacante en un contexto privilegiado. Esta vulnerabilidad afecta a Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox para Android < 100.3.0 y Thunderbird < 91.9.1. The Mozilla Foundation Security Advisory describes this flaw as: If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. • https://github.com/mistymntncop/CVE-2022-1802 https://bugzilla.mozilla.org/show_bug.cgi?id=1770137 https://www.mozilla.org/security/advisories/mfsa2022-19 https://access.redhat.com/security/cve/CVE-2022-1802 https://bugzilla.redhat.com/show_bug.cgi?id=2089217 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-1529 – Mozilla Firefox Improper Input Validation Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2022-1529
An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype pollution and ultimately attacker-controlled JavaScript executing in the privileged parent process. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1. Un atacante podría haber enviado un mensaje al proceso principal donde el contenido se usó para realizar un doble índice en un objeto JavaScript, lo que provocó la contaminación del prototipo y, en última instancia, la ejecución de JavaScript controlada por el atacante en el proceso principal privilegiado. Esta vulnerabilidad afecta a Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox para Android < 100.3.0 y Thunderbird < 91.9.1. The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype pollution and ultimately attacker-controlled JavaScript executing in the privileged parent process. • https://bugzilla.mozilla.org/show_bug.cgi?id=1770048 https://www.mozilla.org/security/advisories/mfsa2022-19 https://access.redhat.com/security/cve/CVE-2022-1529 https://bugzilla.redhat.com/show_bug.cgi?id=2089218 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-29909 – Mozilla: Bypassing permission prompt in nested browsing contexts
https://notcve.org/view.php?id=CVE-2022-29909
Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100. Los documentos en contextos de navegación entre orígenes profundamente anidados podrían haber obtenido permisos otorgados al origen de nivel superior, omitiendo el mensaje existente y heredando erróneamente los permisos de nivel superior. Esta vulnerabilidad afecta a Thunderbird < 91.9, Firefox ESR < 91.9 y Firefox < 100. The Mozilla Foundation Security Advisory describes this flaw as: Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions. • https://bugzilla.mozilla.org/show_bug.cgi?id=1755081 https://www.mozilla.org/security/advisories/mfsa2022-16 https://www.mozilla.org/security/advisories/mfsa2022-17 https://www.mozilla.org/security/advisories/mfsa2022-18 https://access.redhat.com/security/cve/CVE-2022-29909 https://bugzilla.redhat.com/show_bug.cgi?id=2081469 • CWE-276: Incorrect Default Permissions CWE-281: Improper Preservation of Permissions •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 1CVE-2022-29912 – Mozilla: Reader mode bypassed SameSite cookies
https://notcve.org/view.php?id=CVE-2022-29912
Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100. Las solicitudes iniciadas a través del modo lector no omitieron correctamente las cookies con un atributo SameSite. Esta vulnerabilidad afecta a Thunderbird < 91.9, Firefox ESR < 91.9 y Firefox < 100. A flaw was found in Mozilla. • https://bugzilla.mozilla.org/show_bug.cgi?id=1692655 https://www.mozilla.org/security/advisories/mfsa2022-16 https://www.mozilla.org/security/advisories/mfsa2022-17 https://www.mozilla.org/security/advisories/mfsa2022-18 https://access.redhat.com/security/cve/CVE-2022-29912 https://bugzilla.redhat.com/show_bug.cgi?id=2081472 • CWE-565: Reliance on Cookies without Validation and Integrity Checking CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 1CVE-2022-29917 – Mozilla: Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9
https://notcve.org/view.php?id=CVE-2022-29917
Mozilla developers Andrew McCreight, Gabriele Svelto, Tom Ritter and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99 and Firefox ESR 91.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100. Los desarrolladores de Mozilla, Andrew McCreight, Gabriele Svelto, Tom Ritter y el equipo Mozilla Fuzzing, informaron sobre errores de seguridad de la memoria presentes en Firefox 99 y Firefox ESR 91.8. Algunos de estos errores mostraron evidencia de corrupción de memoria y suponemos que con suficiente esfuerzo algunos de ellos podrían haberse aprovechado para ejecutar código arbitrario. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1684739%2C1706441%2C1753298%2C1762614%2C1762620%2C1764778 https://www.mozilla.org/security/advisories/mfsa2022-16 https://www.mozilla.org/security/advisories/mfsa2022-17 https://www.mozilla.org/security/advisories/mfsa2022-18 https://access.redhat.com/security/cve/CVE-2022-29917 https://bugzilla.redhat.com/show_bug.cgi?id=2081473 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •