Debian Firefox-Esr vulnerabilities
1,071 known vulnerabilities affecting debian/firefox-esr.
Total CVEs: 1,071
CISA KEV: 11 (actively exploited)
Public exploits: 23
Exploited in wild: 15
Severity breakdown: CRITICAL 236, HIGH 418, MEDIUM 292, LOW 125
Vulnerabilities
Page 22 of 54
CVE-2022-29909 | HIGH | CVSS 8.8 | fixed in firefox 100.0-1 (sid) | 2022
Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.
Scope: local
sid: resolved (fixed in 100.0-1)

CVE-2022-1802 | HIGH | CVSS 8.8 | Exploited | fixed in firefox 100.0.2-1 (sid) | 2022
If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1.
Scope: local
sid: resolved (fixed in 100.

CVE-2022-38477 | HIGH | CVSS 8.8 | fixed in firefox 104.0-1 (sid) | 2022
Mozilla developer Nika Layzell and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103 and Firefox ESR 102.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.2, Thunderbird < 102.2, and Fir

CVE-2022-31741 | HIGH | CVSS 8.8 | fixed in firefox 101.0-1 (sid) | 2022
A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
Scope: local
sid: resolved (fixed in 101.0-1)

CVE-2022-22763 | HIGH | CVSS 8.8 | fixed in firefox-esr 91.6.0esr-1 (bookworm) | 2022
When a worker is shut down, it was possible to cause script to run late in the lifecycle, at a point after where it should not be possible. This vulnerability affects Firefox < 96, Thunderbird < 91.6, and Firefox ESR < 91.6.
Scope: local
bookworm: resolved (fixed in 91.6.0esr-1)
bullseye: resolved (fixed in 91.6.0esr-1~deb11u1)
forky: resolved (fixed in 91.6.0esr

CVE-2022-34468 | HIGH | CVSS 8.8 | fixed in firefox 102.0-1 (sid) | 2022
An iframe that was not permitted to run scripts could do so if the user clicked on a javascript: link. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.
Scope: local
sid: resolved (fixed in 102.0-1)

CVE-2022-46872 | HIGH | CVSS 8.6 | fixed in firefox 108.0-1 (sid) | 2022
An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages. This bug only affects Thunderbird for Linux. Other operating systems are unaffected. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6.
Scope: local
sid: resolved (fixed in 108.0-1)

CVE-2022-38473 | HIGH | CVSS 8.8 | fixed in firefox 104.0-1 (sid) | 2022
A cross-origin iframe referencing an XSLT document would inherit the parent domain's permissions (such as microphone or camera access). This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104.
Scope: local
sid: resolved (fixed in 104.0-1)

CVE-2022-40962 | HIGH | CVSS 8.8 | fixed in firefox 105.0-1 (sid) | 2022
Mozilla developers Nika Layzell, Timothy Nikkel, Sebastian Hengst, Andreas Pehrson, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 104 and Firefox ESR 102.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affe

CVE-2022-22761 | HIGH | CVSS 8.8 | fixed in firefox 97.0-1 (sid) | 2022
Web-accessible extension pages (pages with a moz-extension:// scheme) were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension's Content Security Policy. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.
Scope: local
sid: resolved (fixed in 97.0-1)

CVE-2022-42932 | HIGH | CVSS 8.8 | fixed in firefox 106.0-1 (sid) | 2022
Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105 and Firefox ESR 102.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 106, Firefox ESR < 102.4, and Thunderbi

CVE-2022-22764 | HIGH | CVSS 8.8 | fixed in firefox 97.0-1 (sid) | 2022
Mozilla developers Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96 and Firefox ESR 91.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR <

CVE-2022-22741 | HIGH | CVSS 7.5 | fixed in firefox 96.0-1 (sid) | 2022
When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.
Scope: local
sid: resolved (fixed in 96.0-1)

CVE-2022-45409 | HIGH | CVSS 8.8 | fixed in firefox 107.0-1 (sid) | 2022
The garbage collector could have been aborted in several states and zones and GCRuntime::finishCollection may not have been called, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
Scope: local
sid: resolved (fixed in 107.0-1)

CVE-2022-26387 | HIGH | CVSS 7.5 | fixed in firefox 98.0-1 (sid) | 2022
When installing an add-on, Firefox verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Firefox would not have noticed. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.
Scope: local
sid: resolved (fixed in 98.0-1)

CVE-2022-34481 | HIGH | CVSS 8.8 | fixed in firefox 102.0-1 (sid) | 2022
In the nsTArray_Impl::ReplaceElementsAt() function, an integer overflow could have occurred when the number of elements to replace was too large for the container. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.
Scope: local
sid: resolved (fixed in 102.0-1)

CVE-2022-38478 | HIGH | CVSS 8.8 | fixed in firefox 104.0-1 (sid) | 2022
Members of the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103, Firefox ESR 102.1, and Firefox ESR 91.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR <

CVE-2022-1529 | HIGH | CVSS 8.8 | Exploited | fixed in firefox 100.0.2-1 (sid) | 2022
An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype pollution and ultimately attacker-controlled JavaScript executing in the privileged parent process. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 9

CVE-2022-28289 | HIGH | CVSS 8.8 | fixed in firefox 99.0-1 (sid) | 2022
Mozilla developers and community members Nika Layzell, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 91.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunder

CVE-2022-28281 | HIGH | CVSS 8.8 | fixed in firefox 99.0-1 (sid) | 2022
If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out-of-bounds write would have occurred, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.
Scope: local
sid: resolved (fixed in 99.0-1)