CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-22763 – Mozilla: Script Execution during invalid object state
https://notcve.org/view.php?id=CVE-2022-22763
When a worker is shutdown, it was possible to cause script to run late in the lifecycle, at a point after where it should not be possible. This vulnerability affects Firefox < 96, Thunderbird < 91.6, and Firefox ESR < 91.6. Cuando se apaga un trabajador, era posible hacer que el script se ejecutara tarde en el ciclo de vida, en un punto posterior al que no debería ser posible. Esta vulnerabilidad afecta a Firefox < 96, Thunderbird< 91.6 y Firefox ESR < 91.6. The Mozilla Foundation Security Advisory describes this flaw as: When a worker was shut down, it was possible to cause the script to run late in the lifecycle, at a point where it should not be possible. • https://bugzilla.mozilla.org/show_bug.cgi?id=1740534 https://www.mozilla.org/security/advisories/mfsa2022-01 https://www.mozilla.org/security/advisories/mfsa2022-05 https://www.mozilla.org/security/advisories/mfsa2022-06 https://access.redhat.com/security/cve/CVE-2022-22763 https://bugzilla.redhat.com/show_bug.cgi?id=2053240 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-22764 – Mozilla: Memory safety bugs fixed in Firefox 97 and Firefox ESR 91.6
https://notcve.org/view.php?id=CVE-2022-22764
Mozilla developers Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96 and Firefox ESR 91.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6. Los desarrolladores de Mozilla, Paul Adenot y Mozilla Fuzzing Team, informaron sobre errores de seguridad de la memoria presentes en Firefox 96 y Firefox ESR 91.5. Algunos de estos errores mostraron evidencia de corrupción de memoria y suponemos que con suficiente esfuerzo algunos de ellos podrían haberse aprovechado para ejecutar código arbitrario. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1742682%2C1744165%2C1746545%2C1748210%2C1748279 https://www.mozilla.org/security/advisories/mfsa2022-04 https://www.mozilla.org/security/advisories/mfsa2022-05 https://www.mozilla.org/security/advisories/mfsa2022-06 https://access.redhat.com/security/cve/CVE-2022-22764 https://bugzilla.redhat.com/show_bug.cgi?id=2053243 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-22752
https://notcve.org/view.php?id=CVE-2022-22752
Mozilla developers Christian Holler and Jason Kratzer reported memory safety bugs present in Firefox 95. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 96. Los desarrolladores de Mozilla, Christian Holler y Jason Kratzer, informaron sobre errores de seguridad de la memoria presentes en Firefox 95. Algunos de estos errores mostraron evidencia de corrupción de la memoria y suponemos que con suficiente esfuerzo algunos de ellos podrían haberse aprovechado para ejecutar código arbitrario. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1741210%2C1742770 https://www.mozilla.org/security/advisories/mfsa2022-01 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 1CVE-2021-4140 – Mozilla: Iframe sandbox bypass with XSLT
https://notcve.org/view.php?id=CVE-2021-4140
It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. Fue posible construir un marcado XSLT específico que podría omitir un entorno limitado de iframe. Esta vulnerabilidad afecta a Firefox ESR < 91.5, Firefox < 96 y Thunderbird < 91.5. The Mozilla Foundation Security Advisory describes this flaw as: It was possible to construct specific XSLT markups that would enable someone to bypass an iframe sandbox. • https://bugzilla.mozilla.org/show_bug.cgi?id=1746720 https://www.mozilla.org/security/advisories/mfsa2022-01 https://www.mozilla.org/security/advisories/mfsa2022-02 https://www.mozilla.org/security/advisories/mfsa2022-03 https://access.redhat.com/security/cve/CVE-2021-4140 https://bugzilla.redhat.com/show_bug.cgi?id=2039568 • CWE-91: XML Injection (aka Blind XPath Injection) CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-22737 – Mozilla: Race condition when playing audio files
https://notcve.org/view.php?id=CVE-2022-22737
Constructing audio sinks could have lead to a race condition when playing audio files and closing windows. This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. La construcción de receptores de audio podría haber provocado una condición de ejecución al reproducir archivos de audio y cerrar ventanas. Esto podría haber dado lugar a un use-after-free que provocaría un bloqueo potencialmente explotable. • https://bugzilla.mozilla.org/show_bug.cgi?id=1745874 https://www.mozilla.org/security/advisories/mfsa2022-01 https://www.mozilla.org/security/advisories/mfsa2022-02 https://www.mozilla.org/security/advisories/mfsa2022-03 https://access.redhat.com/security/cve/CVE-2022-22737 https://bugzilla.redhat.com/show_bug.cgi?id=2039567 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •