CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-34473
https://notcve.org/view.php?id=CVE-2022-34473
The HTML Sanitizer should have sanitized the <code>href</code> attribute of SVG <code><use></code> tags; however it incorrectly did not sanitize <code>xlink:href</code> attributes. This vulnerability affects Firefox < 102. El HTML Sanitizer debería haber sanitizado el atributo <code>href</code> de las etiquetas SVG <code></code>; sin embargo, no sanitizó incorrectamente los atributos <code>xlink:href</code>. Esta vulnerabilidad afecta a Firefox < 102. • https://bugzilla.mozilla.org/show_bug.cgi?id=1770888 https://www.mozilla.org/security/advisories/mfsa2022-24 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-34478
https://notcve.org/view.php?id=CVE-2022-34478
The <code>ms-msdt</code>, <code>search</code>, and <code>search-ms</code> protocols deliver content to Microsoft applications, bypassing the browser, when a user accepts a prompt. These applications have had known vulnerabilities, exploited in the wild (although we know of none exploited through Thunderbird), so in this release Thunderbird has blocked these protocols from prompting the user to open them.<br>*This bug only affects Thunderbird on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11. • https://bugzilla.mozilla.org/show_bug.cgi?id=1773717 https://www.mozilla.org/security/advisories/mfsa2022-24 https://www.mozilla.org/security/advisories/mfsa2022-25 https://www.mozilla.org/security/advisories/mfsa2022-26 •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-22744
https://notcve.org/view.php?id=CVE-2022-22744
The constructed curl command from the "Copy as curl" feature in DevTools was not properly escaped for PowerShell. This could have lead to command injection if pasted into a Powershell prompt.<br>*This bug only affects Thunderbird for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. • https://bugzilla.mozilla.org/show_bug.cgi?id=1737252 https://www.mozilla.org/security/advisories/mfsa2022-01 https://www.mozilla.org/security/advisories/mfsa2022-02 https://www.mozilla.org/security/advisories/mfsa2022-03 • CWE-116: Improper Encoding or Escaping of Output •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 1CVE-2022-22753
https://notcve.org/view.php?id=CVE-2022-22753
A Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) Service that could be abused to grant Users write access to an arbitrary directory. This could have been used to escalate to SYSTEM access.<br>*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6. • https://bugzilla.mozilla.org/show_bug.cgi?id=1732435 https://www.mozilla.org/security/advisories/mfsa2022-04 https://www.mozilla.org/security/advisories/mfsa2022-05 https://www.mozilla.org/security/advisories/mfsa2022-06 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-22758
https://notcve.org/view.php?id=CVE-2022-22758
When clicking on a tel: link, USSD codes, specified after a <code>\*</code> character, would be included in the phone number. On certain phones, or on certain carriers, if the number was dialed this could perform actions on a user's account, similar to a cross-site request forgery attack.<br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 97. • https://bugzilla.mozilla.org/show_bug.cgi?id=1728742 https://www.mozilla.org/security/advisories/mfsa2022-04 • CWE-319: Cleartext Transmission of Sensitive Information •