Mozilla Firefox vulnerabilities

CVE-2022-1802 [HIGH] CWE-1321 CVE-2022-1802: If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollut If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1.

CVE-2022-28288 [HIGH] CWE-787 CVE-2022-28288: Mozilla developers and community members Randell Jesup, Sebastian Hengst, and the Mozilla Fuzzing Te Mozilla developers and community members Randell Jesup, Sebastian Hengst, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 98. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 99.

CVE-2022-45412 [HIGH] CWE-59 CVE-2022-45412: When resolving a symlink such as <code>file:///proc/self/fd/1</code>, an error message may be produc When resolving a symlink such as file:///proc/self/fd/1, an error message may be produced where the symlink was resolved to a string containing unitialized memory in the buffer. *This bug only affects Thunderbird on Unix-based operated systems (Android, Linux, MacOS). Windows is unaffected.*. This vulnerability affects Firefox ESR < 102.5, Thunderbird

CVE-2022-2200 [HIGH] CWE-1321 CVE-2022-2200: If an object prototype was corrupted by an attacker, they would have been able to set undesired attr If an object prototype was corrupted by an attacker, they would have been able to set undesired attributes on a JavaScript object, leading to privileged code execution. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.

CVE-2022-29909 [HIGH] CWE-276 CVE-2022-29909: Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.

CVE-2022-28281 [HIGH] CWE-787 CVE-2022-28281: If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register comm If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of bounds write would have occurred leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.

CVE-2022-34469 [HIGH] CWE-295 CVE-2022-34469: When a TLS Certificate error occurs on a domain protected by the HSTS header, the browser should not When a TLS Certificate error occurs on a domain protected by the HSTS header, the browser should not allow the user to bypass the certificate error. On Firefox for Android, the user was presented with the option to bypass the error; this could only have been done by the user explicitly. *This bug only affects Firefox for Android. Other operating syste

CVE-2022-42930 [HIGH] CWE-362 CVE-2022-42930: If two Workers were simultaneously initializing their CacheStorage, a data race could have occurred If two Workers were simultaneously initializing their CacheStorage, a data race could have occurred in the `ThirdPartyUtil` component. This vulnerability affects Firefox < 106.

CVE-2022-46885 [HIGH] CWE-787 CVE-2022-46885: Mozilla developers Timothy Nikkel, Ashley Hale, and the Mozilla Fuzzing Team reported memory safety Mozilla developers Timothy Nikkel, Ashley Hale, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 106.

CVE-2022-22756 [HIGH] CWE-94 CVE-2022-22756: If a user was convinced to drag and drop an image to their desktop or other folder, the resulting ob If a user was convinced to drag and drop an image to their desktop or other folder, the resulting object could have been changed into an executable script which would have run arbitrary code after the user clicked on it. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.

CVE-2022-0511 [HIGH] CWE-787 CVE-2022-0511: Mozilla developers and community members Gabriele Svelto, Sebastian Hengst, Randell Jesup, Luan Herr Mozilla developers and community members Gabriele Svelto, Sebastian Hengst, Randell Jesup, Luan Herrera, Lars T Hansen, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary cod

CVE-2022-34483 [HIGH] CVE-2022-34483: An attacker who could have convinced a user to drag and drop an image to a filesystem could have man An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from CVE-2022-34482. This vulnerability affects Firefox < 102.

CVE-2022-42928 [HIGH] CWE-476 CVE-2022-42928: Certain types of allocations were missing annotations that, if the Garbage Collector was in a specif Certain types of allocations were missing annotations that, if the Garbage Collector was in a specific state, could have lead to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 106, Firefox ESR < 102.4, and Thunderbird < 102.4.

CVE-2022-42932 [HIGH] CWE-787 CVE-2022-42932: Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs present in F Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105 and Firefox ESR 102.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 106, Firefox ESR < 102.4

CVE-2022-22740 [HIGH] CWE-416 CVE-2022-22740: Certain network request objects were freed too early when releasing a network request handle. This c Certain network request objects were freed too early when releasing a network request handle. This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.

CVE-2022-46883 [HIGH] CWE-787 CVE-2022-46883: Mozilla developers Gabriele Svelto, Yulia Startsev, Andrew McCreight and the Mozilla Fuzzing Team re Mozilla developers Gabriele Svelto, Yulia Startsev, Andrew McCreight and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 106. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.*Note*: This advisory was added on December 13

CVE-2022-40962 [HIGH] CWE-787 CVE-2022-40962: Mozilla developers Nika Layzell, Timothy Nikkel, Sebastian Hengst, Andreas Pehrson, and the Mozilla Mozilla developers Nika Layzell, Timothy Nikkel, Sebastian Hengst, Andreas Pehrson, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 104 and Firefox ESR 102.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vuln

CVE-2022-22738 [HIGH] CWE-787 CVE-2022-22738: Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a hea Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.

CVE-2022-38477 [HIGH] CWE-787 CVE-2022-38477: Mozilla developer Nika Layzell and the Mozilla Fuzzing Team reported memory safety bugs present in F Mozilla developer Nika Layzell and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103 and Firefox ESR 102.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.2, Thunderbird <

CVE-2022-28284 [HIGH] CWE-116 CVE-2022-28284: SVG's <code>&lt;use&gt;</code> element could have been used to load unexpected content that could ha SVG's element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko's implementation was aligned with theirs. This vulnerability affects Firefox < 99.