CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-26387 – Mozilla: Time-of-check time-of-use bug when verifying add-on signatures
https://notcve.org/view.php?id=CVE-2022-26387
When installing an add-on, Firefox verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Firefox would not have noticed. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7. Al instalar un complemento, Firefox verificaba la firma antes de avisar al usuario; pero mientras el usuario confirmaba el mensaje, el archivo complementario subyacente podría haberse modificado y Firefox no se habría dado cuenta. Esta vulnerabilidad afecta a Firefox < 98, Firefox ESR < 91,7 y Thunderbird < 91.7. A flaw was found in Mozilla. • https://bugzilla.mozilla.org/show_bug.cgi?id=1752979 https://www.mozilla.org/security/advisories/mfsa2022-10 https://www.mozilla.org/security/advisories/mfsa2022-11 https://www.mozilla.org/security/advisories/mfsa2022-12 https://access.redhat.com/security/cve/CVE-2022-26387 https://bugzilla.redhat.com/show_bug.cgi?id=2062222 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2022-26381 – Mozilla Firefox textPath Element Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-26381
An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7. Un atacante podría haber provocado un use-after-free al forzar un reflujo de texto en un objeto SVG, lo que provocó un bloqueo potencialmente explotable. Esta vulnerabilidad afecta a Firefox < 98, Firefox ESR < 91,7 y Thunderbird < 91.7. The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have caused a use-after-free issue by forcing a text reflow in an SVG object, leading to a potentially exploitable crash. • https://bugzilla.mozilla.org/show_bug.cgi?id=1736243 https://www.mozilla.org/security/advisories/mfsa2022-10 https://www.mozilla.org/security/advisories/mfsa2022-11 https://www.mozilla.org/security/advisories/mfsa2022-12 https://access.redhat.com/security/cve/CVE-2022-26381 https://bugzilla.redhat.com/show_bug.cgi?id=2062223 • CWE-416: Use After Free •
CVSS: 9.6EPSS: 0%CPEs: 5EXPL: 2CVE-2022-26486 – Mozilla Firefox Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2022-26486
An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. Un mensaje inesperado en el framework IPC de WebGPU podría provocar un escape de la sandbox explotable y de use-after-free. Hemos recibido informes de ataques en la naturaleza que abusan de esta falla. • https://bugzilla.mozilla.org/show_bug.cgi?id=1758070 https://www.mozilla.org/security/advisories/mfsa2022-09 https://access.redhat.com/security/cve/CVE-2022-26486 https://bugzilla.redhat.com/show_bug.cgi?id=2061735 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 2CVE-2022-26485 – Mozilla Firefox Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2022-26485
Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. La eliminación de un parámetro XSLT durante el procesamiento podría haber dado lugar a un use-after-free explotable. Hemos recibido informes de ataques en la naturaleza que abusan de esta falla. • https://github.com/mistymntncop/CVE-2022-26485 https://bugzilla.mozilla.org/show_bug.cgi?id=1758062 https://www.mozilla.org/security/advisories/mfsa2022-09 https://access.redhat.com/security/cve/CVE-2022-26485 https://bugzilla.redhat.com/show_bug.cgi?id=2061736 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-22757
https://notcve.org/view.php?id=CVE-2022-22757
Remote Agent, used in WebDriver, did not validate the Host or Origin headers. This could have allowed websites to connect back locally to the user's browser to control it. <br>*This bug only affected Firefox when WebDriver was enabled, which is not the default configuration.*. This vulnerability affects Firefox < 97. El agente remoto, utilizado en WebDriver, no validó los encabezados Host u Origin. • https://bugzilla.mozilla.org/show_bug.cgi?id=1720098 https://www.mozilla.org/security/advisories/mfsa2022-04 • CWE-346: Origin Validation Error •