Search CVE reports

701 – 710 of 2924 results

Detailed view

Sort by:

CVE-2022-1802

Medium priority

Some fixes available 7 of 8

If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects...

2 affected packages

firefox, thunderbird

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	Not affected	Fixed	Fixed
thunderbird	—	Fixed	Fixed	Fixed

CVE-2022-1529

Medium priority

Some fixes available 7 of 8

An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype pollution and ultimately attacker-controlled JavaScript executing in the...

2 affected packages

firefox, thunderbird

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	Not affected	Fixed	Fixed
thunderbird	—	Fixed	Fixed	Fixed

CVE-2022-29918

Medium priority

Some fixes available 3 of 12

Mozilla developers Gabriele Svelto, Randell Jesup and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some...

6 affected packages

mozjs78, firefox, mozjs38, mozjs52, mozjs68, mozjs91

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mozjs78	Not in release	Ignored	Not in release	Not in release
firefox	Not affected	Not affected	Fixed	Fixed
mozjs38	Not in release	Not in release	Not in release	Ignored
mozjs52	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Ignored	Not in release
mozjs91	Not in release	Ignored	Not in release	Not in release

CVE-2022-29915

Low priority

Fixed

The Performance API did not properly hide the fact whether a request cross-origin resource has observed redirects. This vulnerability affects Firefox < 100.

1 affected package

firefox

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	Not affected	Fixed	Fixed

CVE-2022-29917

Medium priority

Some fixes available 11 of 20

Mozilla developers Andrew McCreight, Gabriele Svelto, Tom Ritter and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99 and Firefox ESR 91.8. Some of these bugs showed evidence of memory corruption and we...

7 affected packages

mozjs78, firefox, mozjs38, mozjs52, mozjs68...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mozjs78	Not in release	Ignored	Not in release	Not in release
firefox	Not affected	Not affected	Fixed	Fixed
mozjs38	Not in release	Not in release	Not in release	Ignored
mozjs52	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Ignored	Not in release
mozjs91	Not in release	Ignored	Not in release	Not in release
thunderbird	Fixed	Fixed	Fixed	Fixed

CVE-2022-29916

Medium priority

Some fixes available 11 of 20

Firefox behaved slightly differently for already known resources when loading CSS resources involving CSS variables. This could have been used to probe the browser history. This vulnerability affects Thunderbird < 91.9, Firefox...

7 affected packages

mozjs78, firefox, mozjs38, mozjs52, mozjs68...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mozjs78	Not in release	Ignored	Not in release	Not in release
firefox	Not affected	Not affected	Fixed	Fixed
mozjs38	Not in release	Not in release	Not in release	Ignored
mozjs52	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Ignored	Not in release
mozjs91	Not in release	Ignored	Not in release	Not in release
thunderbird	Fixed	Fixed	Fixed	Fixed

CVE-2022-29914

Medium priority

Some fixes available 11 of 20

When reusing existing popups Firefox would have allowed them to cover the fullscreen notification UI, which could have enabled browser spoofing attacks. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.

7 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Fixed	Fixed
mozjs38	Not in release	Not in release	Not in release	Ignored
mozjs52	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Ignored	Not in release
mozjs78	Not in release	Ignored	Not in release	Not in release
mozjs91	Not in release	Ignored	Not in release	Not in release
thunderbird	Fixed	Fixed	Fixed	Fixed

CVE-2022-29912

Medium priority

Some fixes available 11 of 20

Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.

7 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs91...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Fixed	Fixed
mozjs38	Not in release	Not in release	Not in release	Ignored
mozjs52	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Ignored	Not in release
mozjs91	Not in release	Ignored	Not in release	Not in release
thunderbird	Fixed	Fixed	Fixed	Fixed
mozjs78	Not in release	Ignored	Not in release	Not in release

CVE-2022-29911

Medium priority

Some fixes available 11 of 20

An improper implementation of the new iframe sandbox keyword <code>allow-top-navigation-by-user-activation</code> could lead to script execution without <code>allow-scripts</code> being present. This vulnerability affects...

7 affected packages

mozjs78, firefox, mozjs38, mozjs52, mozjs68...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mozjs78	Not in release	Ignored	Not in release	Not in release
firefox	Not affected	Not affected	Fixed	Fixed
mozjs38	Not in release	Not in release	Not in release	Ignored
mozjs52	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Ignored	Not in release
mozjs91	Not in release	Ignored	Not in release	Not in release
thunderbird	Fixed	Fixed	Fixed	Fixed

CVE-2022-29909

Medium priority

Some fixes available 11 of 20

Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions. This vulnerability...

7 affected packages

mozjs78, thunderbird, mozjs91, firefox, mozjs38...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mozjs78	Not in release	Ignored	Not in release	Not in release
thunderbird	Fixed	Fixed	Fixed	Fixed
mozjs91	Not in release	Ignored	Not in release	Not in release
firefox	Not affected	Not affected	Fixed	Fixed
mozjs38	Not in release	Not in release	Not in release	Ignored
mozjs52	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Ignored	Not in release

Export to JSON

Results by page: