CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-45417
https://notcve.org/view.php?id=CVE-2022-45417
Service Workers did not detect Private Browsing Mode correctly in all cases, which could have led to Service Workers being written to disk for websites visited in Private Browsing Mode. This would not have persisted them in a state where they would run again, but it would have leaked Private Browsing Mode details to disk. This vulnerability affects Firefox < 107. Los Service Workers no detectaron correctamente el modo de navegación privada en todos los casos, lo que podría haber provocado que los Service Workers se escribieran en el disco para los sitios web visitados en el modo de navegación privada. Esto no los habría mantenido en un estado en el que se ejecutarían nuevamente, pero habría filtrado los detalles del modo de navegación privada al disco. • https://bugzilla.mozilla.org/show_bug.cgi?id=1794508 https://www.mozilla.org/security/advisories/mfsa2022-47 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-45413
https://notcve.org/view.php?id=CVE-2022-45413
Using the <code>S.browser_fallback_url parameter</code> parameter, an attacker could redirect a user to a URL and cause SameSite=Strict cookies to be sent.<br>*This issue only affects Firefox for Android. Other operating systems are not affected.*. This vulnerability affects Firefox < 107. • https://bugzilla.mozilla.org/show_bug.cgi?id=1791201 https://www.mozilla.org/security/advisories/mfsa2022-47 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-45406 – Mozilla: Use-after-free of a JavaScript Realm
https://notcve.org/view.php?id=CVE-2022-45406
If an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may be deleted while references to it lived on in a BaseShape. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. The Mozilla Foundation Security Advisory describes this flaw as: If an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may be deleted while references to it lived on in a BaseShape. This could lead to a use-after-free causing a potentially exploitable crash. • https://bugzilla.mozilla.org/show_bug.cgi?id=1791975 https://www.mozilla.org/security/advisories/mfsa2022-47 https://www.mozilla.org/security/advisories/mfsa2022-48 https://www.mozilla.org/security/advisories/mfsa2022-49 https://access.redhat.com/security/cve/CVE-2022-45406 https://bugzilla.redhat.com/show_bug.cgi?id=2143200 • CWE-416: Use After Free •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-45411 – Mozilla: Cross-Site Tracing was possible via non-standard override headers
https://notcve.org/view.php?id=CVE-2022-45411
Cross-Site Tracing occurs when a server will echo a request back via the Trace method, allowing an XSS attack to access to authorization headers and cookies inaccessible to JavaScript (such as cookies protected by HTTPOnly). To mitigate this attack, browsers placed limits on <code>fetch()</code> and XMLHttpRequest; however some webservers have implemented non-standard headers such as <code>X-Http-Method-Override</code> that override the HTTP method, and made this attack possible again. Thunderbird has applied the same mitigations to the use of this and similar headers. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. El seguimiento entre sitios se produce cuando un servidor repite una solicitud a través del método Trace, lo que permite que un ataque XSS acceda a encabezados de autorización y cookies inaccesibles para JavaScript (como las cookies protegidas por HTTPOnly). • https://bugzilla.mozilla.org/show_bug.cgi?id=1790311 https://www.mozilla.org/security/advisories/mfsa2022-47 https://www.mozilla.org/security/advisories/mfsa2022-48 https://www.mozilla.org/security/advisories/mfsa2022-49 https://access.redhat.com/security/cve/CVE-2022-45411 https://bugzilla.redhat.com/show_bug.cgi?id=2143204 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-45415
https://notcve.org/view.php?id=CVE-2022-45415
When downloading an HTML file, if the title of the page was formatted as a filename with a malicious extension, Firefox may have saved the file with that extension, leading to possible system compromise if the downloaded file was later ran. This vulnerability affects Firefox < 107. • https://bugzilla.mozilla.org/show_bug.cgi?id=1793551 https://www.mozilla.org/security/advisories/mfsa2022-47 •