CVSS: 9.6EPSS: 0%CPEs: 3EXPL: 1CVE-2022-26384 – Mozilla: iframe allow-scripts sandbox bypass
https://notcve.org/view.php?id=CVE-2022-26384
If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7. Si un atacante pudiera controlar el contenido de un iframe en un espacio aislado con <code>allow-popups</code> pero no con <code>allow-scripts</code>, podría crear un enlace que, al hacer clic, conduciría a Ejecución de JavaScript en violación de la sandbox. Esta vulnerabilidad afecta a Firefox < 98, Firefox ESR < 91,7 y Thunderbird < 91.7. The Mozilla Foundation Security Advisory describes this flaw as: If an attacker could control the contents of an iframe sandboxed with allow-popups but not allow-scripts, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. • https://bugzilla.mozilla.org/show_bug.cgi?id=1744352 https://www.mozilla.org/security/advisories/mfsa2022-10 https://www.mozilla.org/security/advisories/mfsa2022-11 https://www.mozilla.org/security/advisories/mfsa2022-12 https://access.redhat.com/security/cve/CVE-2022-26384 https://bugzilla.redhat.com/show_bug.cgi?id=2062221 • CWE-179: Incorrect Behavior Order: Early Validation •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2022-26381 – Mozilla Firefox textPath Element Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-26381
An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7. Un atacante podría haber provocado un use-after-free al forzar un reflujo de texto en un objeto SVG, lo que provocó un bloqueo potencialmente explotable. Esta vulnerabilidad afecta a Firefox < 98, Firefox ESR < 91,7 y Thunderbird < 91.7. The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have caused a use-after-free issue by forcing a text reflow in an SVG object, leading to a potentially exploitable crash. • https://bugzilla.mozilla.org/show_bug.cgi?id=1736243 https://www.mozilla.org/security/advisories/mfsa2022-10 https://www.mozilla.org/security/advisories/mfsa2022-11 https://www.mozilla.org/security/advisories/mfsa2022-12 https://access.redhat.com/security/cve/CVE-2022-26381 https://bugzilla.redhat.com/show_bug.cgi?id=2062223 • CWE-416: Use After Free •
CVSS: 9.6EPSS: 0%CPEs: 5EXPL: 2CVE-2022-26486 – Mozilla Firefox Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2022-26486
An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. Un mensaje inesperado en el framework IPC de WebGPU podría provocar un escape de la sandbox explotable y de use-after-free. Hemos recibido informes de ataques en la naturaleza que abusan de esta falla. • https://bugzilla.mozilla.org/show_bug.cgi?id=1758070 https://www.mozilla.org/security/advisories/mfsa2022-09 https://access.redhat.com/security/cve/CVE-2022-26486 https://bugzilla.redhat.com/show_bug.cgi?id=2061735 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 2CVE-2022-26485 – Mozilla Firefox Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2022-26485
Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. La eliminación de un parámetro XSLT durante el procesamiento podría haber dado lugar a un use-after-free explotable. Hemos recibido informes de ataques en la naturaleza que abusan de esta falla. • https://github.com/mistymntncop/CVE-2022-26485 https://bugzilla.mozilla.org/show_bug.cgi?id=1758062 https://www.mozilla.org/security/advisories/mfsa2022-09 https://access.redhat.com/security/cve/CVE-2022-26485 https://bugzilla.redhat.com/show_bug.cgi?id=2061736 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-22761 – Mozilla: frame-ancestors Content Security Policy directive was not enforced for framed extension pages
https://notcve.org/view.php?id=CVE-2022-22761
Web-accessible extension pages (pages with a moz-extension:// scheme) were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension's Content Security Policy. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6. Las páginas de extensión accesibles desde la web (páginas con un esquema moz-extension://) no aplicaban correctamente la directiva frame-ancestors cuando se usaba en la Política de seguridad de contenido de la extensión web. Esta vulnerabilidad afecta a Firefox < 97, Thunderbird < 91.6 y Firefox ESR < 91.6. The Mozilla Foundation Security Advisory describes this flaw as: Web-accessible extension pages (pages with a moz-extension:// scheme) were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension's Content Security Policy. • https://bugzilla.mozilla.org/show_bug.cgi?id=1745566 https://www.mozilla.org/security/advisories/mfsa2022-04 https://www.mozilla.org/security/advisories/mfsa2022-05 https://www.mozilla.org/security/advisories/mfsa2022-06 https://access.redhat.com/security/cve/CVE-2022-22761 https://bugzilla.redhat.com/show_bug.cgi?id=2053239 • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •