Debian Firefox-Esr vulnerabilities

CVE-2022-45408 [MEDIUM] CVE-2022-45408: firefox - Through a series of popups that reuse windowName, an attacker can cause a window... Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. Scope: local sid: resolved (fixed in 107.0-1)

CVE-2022-22739 [MEDIUM] CVE-2022-22739: firefox - Malicious websites could have tricked users into accepting launching a program t... Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. Scope: local sid: resolved (fixed in 96.0-1)

CVE-2022-46880 [MEDIUM] CVE-2022-46880: firefox - A missing check related to tex units could have led to a use-after-free and pote... A missing check related to tex units could have led to a use-after-free and potentially exploitable crash.*Note*: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. The fix was included in the original release of Firefox 105. This vulnerability affects Firefox ESR < 102.6, Firefox < 105, and Thunderbird < 102.6. Scop

CVE-2022-29916 [MEDIUM] CVE-2022-29916: firefox - Firefox behaved slightly differently for already known resources when loading CS... Firefox behaved slightly differently for already known resources when loading CSS resources involving CSS variables. This could have been used to probe the browser history. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100. Scope: local sid: resolved (fixed in 100.0-1)

CVE-2022-34472 [MEDIUM] CVE-2022-34472: firefox - If there was a PAC URL set and the server that hosts the PAC was not reachable, ... If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11. Scope: local sid: resolved (fixed in 102.0-1)

CVE-2022-22754 [MEDIUM] CVE-2022-22754: firefox - If a user installed an extension of a particular type, the extension could have ... If a user installed an extension of a particular type, the extension could have auto-updated itself and while doing so, bypass the prompt which grants the new version the new requested permissions. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6. Scope: local sid: resolved (fixed in 97.0-1)

CVE-2022-40960 [MEDIUM] CVE-2022-40960: firefox - Concurrent use of the URL parser with non-UTF-8 data was not thread-safe. This c... Concurrent use of the URL parser with non-UTF-8 data was not thread-safe. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105. Scope: local sid: resolved (fixed in 105.0-1)

CVE-2022-40958 [MEDIUM] CVE-2022-40958: firefox - By injecting a cookie with certain special characters, an attacker on a shared s... By injecting a cookie with certain special characters, an attacker on a shared subdomain which is not a secure context could set and thus overwrite cookies from a secure context, leading to session fixation and other attacks. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105. Scope: local sid: resolved (fixed in 105.0-1)

CVE-2022-29914 [MEDIUM] CVE-2022-29914: firefox - When reusing existing popups Firefox would have allowed them to cover the fullsc... When reusing existing popups Firefox would have allowed them to cover the fullscreen notification UI, which could have enabled browser spoofing attacks. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100. Scope: local sid: resolved (fixed in 100.0-1)

CVE-2022-46877 [MEDIUM] CVE-2022-46877: firefox - By confusing the browser, the fullscreen notification could have been delayed or... By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. Scope: local sid: resolved (fixed in 108.0-1)

CVE-2022-22747 [MEDIUM] CVE-2022-22747: firefox - After accepting an untrusted certificate, handling an empty pkcs7 sequence as pa... After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is believed to be unexploitable. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. Scope: local sid: resolved (fixed in 96.0-1)

CVE-2022-36318 [MEDIUM] CVE-2022-36318: firefox - When visiting directory listings for `chrome://` URLs as source text, some param... When visiting directory listings for `chrome://` URLs as source text, some parameters were reflected. This vulnerability affects Firefox ESR < 102.1, Firefox ESR < 91.12, Firefox < 103, Thunderbird < 102.1, and Thunderbird < 91.12. Scope: local sid: resolved (fixed in 103.0-1)

CVE-2022-22753 [HIGH] CVE-2022-22753: firefox - A Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) Service tha... A Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) Service that could be abused to grant Users write access to an arbitrary directory. This could have been used to escalate to SYSTEM access.*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ES

CVE-2022-46875 [MEDIUM] CVE-2022-46875: firefox - The executable file warning was not presented when downloading .atloc and .ftplo... The executable file warning was not presented when downloading .atloc and .ftploc files, which can run commands on a user's computer. *Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6. Scope: local sid: resolved

CVE-2022-22744 [HIGH] CVE-2022-22744: firefox - The constructed curl command from the "Copy as curl" feature in DevTools was not... The constructed curl command from the "Copy as curl" feature in DevTools was not properly escaped for PowerShell. This could have lead to command injection if pasted into a Powershell prompt.*This bug only affects Thunderbird for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. Sc

CVE-2022-34478 [MEDIUM] CVE-2022-34478: firefox - The <code>ms-msdt</code>, <code>search</code>, and <code>search-ms</code> protoc... The ms-msdt, search, and search-ms protocols deliver content to Microsoft applications, bypassing the browser, when a user accepts a prompt. These applications have had known vulnerabilities, exploited in the wild (although we know of none exploited through Thunderbird), so in this release Thunderbird has blocked these protocols from prompting the user to open the

CVE-2022-22746 [MEDIUM] CVE-2022-22746: firefox - A race condition could have allowed bypassing the fullscreen notification which ... A race condition could have allowed bypassing the fullscreen notification which could have lead to a fullscreen window spoof being unnoticed.*This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. Scope: local sid: resolved

CVE-2022-31739 [HIGH] CVE-2022-31739: firefox - When downloading files on Windows, the % character was not escaped, which could ... When downloading files on Windows, the % character was not escaped, which could have lead to a download incorrectly being saved to attacker-influenced paths that used variables such as %HOMEPATH% or %APPDATA%.*This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefo

CVE-2021-4127 [CRITICAL] CVE-2021-4127: firefox-esr - An out of date graphics library (Angle) likely contained vulnerabilities that co... An out of date graphics library (Angle) likely contained vulnerabilities that could potentially be exploited. This vulnerability affects Thunderbird < 78.9 and Firefox ESR < 78.9. Scope: local bookworm: resolved (fixed in 78.9.0esr-1) bullseye: resolved (fixed in 78.9.0esr-1) forky: resolved (fixed in 78.9.0esr-1) sid: resolved (fixed in 78.9.0esr-1) trixie: r

CVE-2021-4140 [CRITICAL] CVE-2021-4140: firefox - It was possible to construct specific XSLT markup that would be able to bypass a... It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. Scope: local sid: resolved (fixed in 96.0-1)