Mozilla Firefox vulnerabilities

CVE-2020-12413 [MEDIUM] CWE-203 CVE-2020-12413: The Raccoon attack is a timing attack on DHE ciphersuites inherit in the TLS specification. To mitig The Raccoon attack is a timing attack on DHE ciphersuites inherit in the TLS specification. To mitigate this vulnerability, Firefox disabled support for DHE ciphersuites.

CVE-2019-17003 [MEDIUM] CWE-79 CVE-2019-17003: Scanning a QR code that contained a javascript: URL would have resulted in the Javascript being exec Scanning a QR code that contained a javascript: URL would have resulted in the Javascript being executed.

CVE-2022-36320 [CRITICAL] CWE-787 CVE-2022-36320: Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 103.

CVE-2022-31748 [CRITICAL] CWE-119 CVE-2022-31748: Mozilla developers Gabriele Svelto, Timothy Nikkel, Randell Jesup, Jon Coppeard, and the Mozilla Fuz Mozilla developers Gabriele Svelto, Timothy Nikkel, Randell Jesup, Jon Coppeard, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Fi

CVE-2022-34476 [CRITICAL] CWE-20 CVE-2022-34476: ASN.1 parsing of an indefinite SEQUENCE inside an indefinite GROUP could have resulted in the parser ASN.1 parsing of an indefinite SEQUENCE inside an indefinite GROUP could have resulted in the parser accepting malformed ASN.1. This vulnerability affects Firefox < 102.

CVE-2022-29917 [CRITICAL] CWE-787 CVE-2022-29917: Mozilla developers Andrew McCreight, Gabriele Svelto, Tom Ritter and the Mozilla Fuzzing Team report Mozilla developers Andrew McCreight, Gabriele Svelto, Tom Ritter and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99 and Firefox ESR 91.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affect

CVE-2022-34470 [CRITICAL] CWE-416 CVE-2022-34470: Session history navigations may have led to a use-after-free and potentially exploitable crash. This Session history navigations may have led to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.

CVE-2022-26384 [CRITICAL] CWE-693 CVE-2022-26384: If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but If an attacker could control the contents of an iframe sandboxed with allow-popups but not allow-scripts, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.

CVE-2022-45406 [CRITICAL] CWE-416 CVE-2022-45406: If an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may be If an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may be deleted while references to it lived on in a BaseShape. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.

CVE-2022-31736 [CRITICAL] CWE-942 CVE-2022-31736: A malicious website could have learned the size of a cross-origin resource that supported Range requ A malicious website could have learned the size of a cross-origin resource that supported Range requests. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.

CVE-2022-31737 [CRITICAL] CWE-787 CVE-2022-31737: A malicious webpage could have caused an out-of-bounds write in WebGL, leading to memory corruption A malicious webpage could have caused an out-of-bounds write in WebGL, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.

CVE-2022-1887 [CRITICAL] CWE-89 CVE-2022-1887: The search term could have been specified externally to trigger SQL injection. This vulnerability af The search term could have been specified externally to trigger SQL injection. This vulnerability affects Firefox for iOS < 101.

CVE-2022-34485 [CRITICAL] CWE-787 CVE-2022-34485: Mozilla developers Bryce Seager van Dyk and the Mozilla Fuzzing Team reported potential vulnerabilit Mozilla developers Bryce Seager van Dyk and the Mozilla Fuzzing Team reported potential vulnerabilities present in Firefox 101. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 102.

CVE-2022-26486 [CRITICAL] CWE-416 CVE-2022-26486: An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable san An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.

CVE-2022-46882 [CRITICAL] CWE-416 CVE-2022-46882: A use-after-free in WebGL extensions could have led to a potentially exploitable crash. This vulnera A use-after-free in WebGL extensions could have led to a potentially exploitable crash. This vulnerability affects Firefox < 107, Firefox ESR < 102.6, and Thunderbird < 102.6.

CVE-2021-4140 [CRITICAL] CWE-91 CVE-2021-4140: It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. Th It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.

CVE-2021-4129 [CRITICAL] CWE-787 CVE-2021-4129: Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported memory safety bugs present in Firefox 94. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. Thi

CVE-2022-22759 [CRITICAL] CWE-693 CVE-2022-22759: If a document created a sandboxed iframe without <code>allow-scripts</code>, and subsequently append If a document created a sandboxed iframe without allow-scripts, and subsequently appended an element to the iframe's document that e.g. had a JavaScript event handler - the event handler would have run despite the iframe's sandbox. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.

CVE-2022-31747 [CRITICAL] CWE-125 CVE-2022-31747: Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memor Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100 and Firefox ESR 91.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thund

CVE-2022-22755 [HIGH] CWE-672 CVE-2022-22755: By using XSL Transforms, a malicious webserver could have served a user an XSL document that would c By using XSL Transforms, a malicious webserver could have served a user an XSL document that would continue to execute JavaScript (within the bounds of the same-origin policy) even after the tab was closed. This vulnerability affects Firefox < 97.