CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-45419
https://notcve.org/view.php?id=CVE-2022-45419
If the user added a security exception for an invalid TLS certificate, opened an ongoing TLS connection with a server that used that certificate, and then deleted the exception, Firefox would have kept the connection alive, making it seem like the certificate was still trusted. This vulnerability affects Firefox < 107. Si el usuario agregó una excepción de seguridad para un certificado TLS no válido, abrió una conexión TLS en curso con un servidor que usaba ese certificado y luego eliminó la excepción, Firefox habría mantenido viva la conexión, haciendo que pareciera que el certificado todavía era confiable. Esta vulnerabilidad afecta a Firefox < 107. • https://bugzilla.mozilla.org/show_bug.cgi?id=1716082 https://www.mozilla.org/security/advisories/mfsa2022-47 • CWE-295: Improper Certificate Validation •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-45421 – Mozilla: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5
https://notcve.org/view.php?id=CVE-2022-45421
Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Thunderbird 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Firefox 106 and Firefox ESR 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1767920%2C1789808%2C1794061 https://www.mozilla.org/security/advisories/mfsa2022-47 https://www.mozilla.org/security/advisories/mfsa2022-48 https://www.mozilla.org/security/advisories/mfsa2022-49 https://access.redhat.com/security/cve/CVE-2022-45421 https://bugzilla.redhat.com/show_bug.cgi?id=2143243 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-45417
https://notcve.org/view.php?id=CVE-2022-45417
Service Workers did not detect Private Browsing Mode correctly in all cases, which could have led to Service Workers being written to disk for websites visited in Private Browsing Mode. This would not have persisted them in a state where they would run again, but it would have leaked Private Browsing Mode details to disk. This vulnerability affects Firefox < 107. Los Service Workers no detectaron correctamente el modo de navegación privada en todos los casos, lo que podría haber provocado que los Service Workers se escribieran en el disco para los sitios web visitados en el modo de navegación privada. Esto no los habría mantenido en un estado en el que se ejecutarían nuevamente, pero habría filtrado los detalles del modo de navegación privada al disco. • https://bugzilla.mozilla.org/show_bug.cgi?id=1794508 https://www.mozilla.org/security/advisories/mfsa2022-47 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-45416 – Mozilla: Keystroke Side-Channel Leakage
https://notcve.org/view.php?id=CVE-2022-45416
Keyboard events reference strings like "KeyA" that were at fixed, known, and widely-spread addresses. Cache-based timing attacks such as Prime+Probe could have possibly figured out which keys were being pressed. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. Los eventos de teclado hacen referencia a cadenas como "KeyA" que estaban en direcciones fijas, conocidas y ampliamente distribuidas. Los ataques de sincronización basados en caché, como Prime+Probe, posiblemente podrían haber descubierto qué teclas se estaban presionando. • https://bugzilla.mozilla.org/show_bug.cgi?id=1793676 https://www.mozilla.org/security/advisories/mfsa2022-47 https://www.mozilla.org/security/advisories/mfsa2022-48 https://www.mozilla.org/security/advisories/mfsa2022-49 https://access.redhat.com/security/cve/CVE-2022-45416 https://bugzilla.redhat.com/show_bug.cgi?id=2143240 • CWE-203: Observable Discrepancy •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-45411 – Mozilla: Cross-Site Tracing was possible via non-standard override headers
https://notcve.org/view.php?id=CVE-2022-45411
Cross-Site Tracing occurs when a server will echo a request back via the Trace method, allowing an XSS attack to access to authorization headers and cookies inaccessible to JavaScript (such as cookies protected by HTTPOnly). To mitigate this attack, browsers placed limits on <code>fetch()</code> and XMLHttpRequest; however some webservers have implemented non-standard headers such as <code>X-Http-Method-Override</code> that override the HTTP method, and made this attack possible again. Thunderbird has applied the same mitigations to the use of this and similar headers. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. El seguimiento entre sitios se produce cuando un servidor repite una solicitud a través del método Trace, lo que permite que un ataque XSS acceda a encabezados de autorización y cookies inaccesibles para JavaScript (como las cookies protegidas por HTTPOnly). • https://bugzilla.mozilla.org/show_bug.cgi?id=1790311 https://www.mozilla.org/security/advisories/mfsa2022-47 https://www.mozilla.org/security/advisories/mfsa2022-48 https://www.mozilla.org/security/advisories/mfsa2022-49 https://access.redhat.com/security/cve/CVE-2022-45411 https://bugzilla.redhat.com/show_bug.cgi?id=2143204 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •