MozillaFirefox (SUSE:Linux Enterprise High Performance Computing 15-LTSS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise High Performance Computing 15-LTSS package MozillaFirefox, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (167)
CVE-2021-4140 — CVSS 10.0 (critical): It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR <…
CVE-2021-38503 — CVSS 10.0 (critical): The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing…
CVE-2022-31737 — CVSS 9.8 (critical): A malicious webpage could have caused an out-of-bounds write in WebGL, leading to memory corruption and a potentially exploitable crash…
CVE-2022-34476 — CVSS 9.8 (critical): ASN.1 parsing of an indefinite SEQUENCE inside an indefinite GROUP could have resulted in the parser accepting malformed ASN.1. This…
CVE-2022-46882 — CVSS 9.8 (critical): A use-after-free in WebGL extensions could have led to a potentially exploitable crash. This vulnerability affects Firefox < 107, Firefox…
CVE-2022-29917 — CVSS 9.8 (critical): Mozilla developers Andrew McCreight, Gabriele Svelto, Tom Ritter and the Mozilla Fuzzing Team reported memory safety bugs present in…
CVE-2022-45406 — CVSS 9.8 (critical): If an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may be deleted while references to it lived on…
CVE-2022-31747 — CVSS 9.8 (critical): Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100…
CVE-2021-32810 — CVSS 9.8 (critical): crossbeam-deque is a package of work-stealing deques for building task schedulers when programming in Rust. In versions prior to 0.7.4 and…
CVE-2022-34485 — CVSS 9.8 (critical): Mozilla developers Bryce Seager van Dyk and the Mozilla Fuzzing Team reported potential vulnerabilities present in Firefox 101. Some of…
CVE-2022-31736 — CVSS 9.8 (critical): A malicious website could have learned the size of a cross-origin resource that supported Range requests. This vulnerability affects…
CVE-2022-34470 — CVSS 9.8 (critical): Session history navigations may have led to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox < 102…
CVE-2022-22759 — CVSS 9.6 (critical): If a document created a sandboxed iframe without <code>allow-scripts</code>, and subsequently appended an element to the iframe's document…
CVE-2022-26384 — CVSS 9.6 (critical): If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they…
CVE-2021-29989 — CVSS 8.8 (high): Mozilla developers reported memory safety bugs present in Firefox 90 and Firefox ESR 78.12. Some of these bugs showed evidence of memory…
CVE-2021-29990 — CVSS 8.8 (high): Mozilla developers and community members reported memory safety bugs present in Firefox 90. Some of these bugs showed evidence of memory…
CVE-2021-30547 — CVSS 8.8 (high): Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory…
CVE-2021-38495 — CVSS 8.8 (high): Mozilla developers reported memory safety bugs present in Thunderbird 78.13.0. Some of these bugs showed evidence of memory corruption and…
CVE-2021-38496 — CVSS 8.8 (high): During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a…
CVE-2022-42932 — CVSS 8.8 (high): Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105 and Firefox ESR 102.3. Some…
CVE-2021-23987 — CVSS 8.8 (high): Mozilla developers and community members reported memory safety bugs present in Firefox 86 and Firefox ESR 78.8. Some of these bugs showed…
CVE-2021-23994 — CVSS 8.8 (high): A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. This vulnerability affects…
CVE-2021-23995 — CVSS 8.8 (high): When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this…
CVE-2021-23999 — CVSS 8.8 (high): If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional…
CVE-2021-24002 — CVSS 8.8 (high): When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and…
CVE-2021-29946 — CVSS 8.8 (high): Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when…
CVE-2021-29967 — CVSS 8.8 (high): Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11. Some of these bugs showed evidence of memory…
CVE-2021-29970 — CVSS 8.8 (high): A malicious webpage could have triggered a use-after-free, memory corruption, and a potentially exploitable crash. *This bug could only be…
CVE-2021-29976 — CVSS 8.8 (high): Mozilla developers reported memory safety bugs present in code shared between Firefox and Thunderbird. Some of these bugs showed evidence…
CVE-2021-29980 — CVSS 8.8 (high): Uninitialized memory in a canvas object could have caused an incorrect free() leading to memory corruption and a potentially exploitable…
CVE-2021-29981 — CVSS 8.8 (high): An issue present in lowering/register allocation could have led to obscure but deterministic register confusion failures in JITted code…
CVE-2021-29984 — CVSS 8.8 (high): Instruction reordering resulted in a sequence of instructions that would cause an object to be incorrectly considered during garbage…
CVE-2021-29985 — CVSS 8.8 (high): A use-after-free vulnerability in media channels could have led to memory corruption and a potentially exploitable crash. This…
CVE-2021-29988 — CVSS 8.8 (high): Firefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a…
CVE-2021-38500 — CVSS 8.8 (high): Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. Some of these bugs showed evidence of memory…
CVE-2021-38501 — CVSS 8.8 (high): Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. Some of these bugs showed evidence of memory…
CVE-2021-38504 — CVSS 8.8 (high): When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-free could have resulted, leading to…
CVE-2021-38510 — CVSS 8.8 (high): The executable file warning was not presented when downloading .inetloc files, which, due to a flaw in Mac OS, can run commands on a user's…
CVE-2021-43537 — CVSS 8.8 (high): An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially…
CVE-2021-43539 — CVSS 8.8 (high): Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing…
CVE-2022-1529 — CVSS 8.8 (high): An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading…
CVE-2022-1802 — CVSS 8.8 (high): If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution…
CVE-2022-2200 — CVSS 8.8 (high): If an object prototype was corrupted by an attacker, they would have been able to set undesired attributes on a JavaScript object, leading…
CVE-2022-22738 — CVSS 8.8 (high): Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-buffer-overflow causing a potentially…
CVE-2022-22740 — CVSS 8.8 (high): Certain network request objects were freed too early when releasing a network request handle. This could have lead to a use-after-free…
CVE-2022-22744 — CVSS 8.8 (high): The constructed curl command from the "Copy as curl" feature in DevTools was not properly escaped for PowerShell. This could have lead to…
CVE-2022-22751 — CVSS 8.8 (high): Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve…
CVE-2022-22756 — CVSS 8.8 (high): If a user was convinced to drag and drop an image to their desktop or other folder, the resulting object could have been changed into an…
CVE-2022-22761 — CVSS 8.8 (high): Web-accessible extension pages (pages with a moz-extension:// scheme) were not correctly enforcing the frame-ancestors directive when it…
CVE-2022-22763 — CVSS 8.8 (high): When a worker is shutdown, it was possible to cause script to run late in the lifecycle, at a point after where it should not be possible…
CVE-2022-22764 — CVSS 8.8 (high): Mozilla developers Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96 and Firefox ESR 91.5. Some of…
CVE-2022-2505 — CVSS 8.8 (high): Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs showed evidence of…
CVE-2022-26381 — CVSS 8.8 (high): An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash. This…
CVE-2022-28281 — CVSS 8.8 (high): If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of…
CVE-2022-28289 — CVSS 8.8 (high): Mozilla developers and community members Nika Layzell, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team reported memory…
CVE-2022-29909 — CVSS 8.8 (high): Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the…
CVE-2022-31739 — CVSS 8.8 (high): When downloading files on Windows, the % character was not escaped, which could have lead to a download incorrectly being saved to…
CVE-2022-31740 — CVSS 8.8 (high): On arm64, WASM code could have resulted in incorrect assembly generation leading to a register allocation problem, and a potentially…
CVE-2022-31741 — CVSS 8.8 (high): A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption…
CVE-2022-34468 — CVSS 8.8 (high): An iframe that was not permitted to run scripts could do so if the user clicked on a <code>javascript:</code> link. This vulnerability…
CVE-2022-34480 — CVSS 8.8 (high): Within the <code>lg_init()</code> function, if several allocations succeed but then one fails, an uninitialized pointer would have been…
CVE-2022-34481 — CVSS 8.8 (high): In the <code>nsTArray_Impl::ReplaceElementsAt()</code> function, an integer overflow could have occurred when the number of elements to…
CVE-2022-34482 — CVSS 8.8 (high): An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to…
CVE-2022-34483 — CVSS 8.8 (high): An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to…
CVE-2022-34484 — CVSS 8.8 (high): The Mozilla Fuzzing Team reported potential vulnerabilities present in Thunderbird 91.10. Some of these bugs showed evidence of memory…
CVE-2022-38473 — CVSS 8.8 (high): A cross-origin iframe referencing an XSLT document would inherit the parent domain's permissions (such as microphone or camera access)…
CVE-2022-38477 — CVSS 8.8 (high): Mozilla developer Nika Layzell and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103 and Firefox ESR 102.1. Some…
CVE-2022-38478 — CVSS 8.8 (high): Members the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103, Firefox ESR 102.1, and Firefox ESR 91.12. Some of…
CVE-2022-40962 — CVSS 8.8 (high): Mozilla developers Nika Layzell, Timothy Nikkel, Sebastian Hengst, Andreas Pehrson, and the Mozilla Fuzzing Team reported memory safety…
CVE-2022-42928 — CVSS 8.8 (high): Certain types of allocations were missing annotations that, if the Garbage Collector was in a specific state, could have lead to memory…
CVE-2022-45409 — CVSS 8.8 (high): The garbage collector could have been aborted in several states and zones and <code>GCRuntime::finishCollection</code> may not have been…
CVE-2022-45412 — CVSS 8.8 (high): When resolving a symlink such as <code>file:///proc/self/fd/1</code>, an error message may be produced where the symlink was resolved to a…
CVE-2022-45421 — CVSS 8.8 (high): Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Thunderbird 102.4. Some of these bugs showed…
CVE-2022-46874 — CVSS 8.8 (high): A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its…
CVE-2022-46878 — CVSS 8.8 (high): Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in…
CVE-2022-46881 — CVSS 8.8 (high): An optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a potentially exploitable crash. *Note*…
CVE-2022-46872 — CVSS 8.6 (high): An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC…
CVE-2021-29991 — CVSS 8.1 (high): Firefox incorrectly accepted a newline in a HTTP/3 header, interpretting it as two separate headers. This allowed for a header splitting…
CVE-2022-42927 — CVSS 8.1 (high): A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via…
CVE-2022-34469 — CVSS 8.1 (high): When a TLS Certificate error occurs on a domain protected by the HSTS header, the browser should not allow the user to bypass the…
CVE-2021-23981 — CVSS 8.1 (high): A texture upload of a Pixel Buffer Object could have confused the WebGL code to skip binding the buffer used to unpack it, resulting in…
CVE-2021-29986 — CVSS 8.1 (high): A suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash. *Note: This issue only…
CVE-2022-26387 — CVSS 7.5 (high): When installing an add-on, Firefox verified the signature before prompting the user; but while the user was confirming the prompt, the…
CVE-2022-24713 — CVSS 7.5 (high): regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of…
CVE-2022-22741 — CVSS 7.5 (high): When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. This vulnerability…
CVE-2022-38476 — CVSS 7.5 (high): A data race could occur in the <code>PK11_ChangePW</code> function, potentially leading to a use-after-free vulnerability. In Firefox, this…
CVE-2022-36319 — CVSS 7.5 (high): When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed. This…
CVE-2021-38498 — CVSS 7.5 (high): During process shutdown, a document could have caused a use-after-free of a languages service object, leading to memory corruption and a…
CVE-2022-34477 — CVSS 7.5 (high): The MediaError message property should be consistent to avoid leaking information about cross-origin resources; however for a same-site…
CVE-2022-22737 — CVSS 7.5 (high): Constructing audio sinks could have lead to a race condition when playing audio files and closing windows. This could have lead to a…
CVE-2021-23961 — CVSS 7.4 (high): Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's…
CVE-2021-29964 — CVSS 7.1 (high): A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process incorrectly, leading to an out-of-bounds…
CVE-2022-22753 — CVSS 7.1 (high): A Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) Service that could be abused to grant Users write access to an…
CVE-2022-45405 — CVSS 6.5 (medium): Freeing arbitrary <code>nsIInputStream</code>'s on a different thread than creation could have led to a use-after-free and potentially…
CVE-2022-31742 — CVSS 6.5 (medium): An attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between…
CVE-2022-31744 — CVSS 6.5 (medium): An attacker could have injected CSS into stylesheets accessible via internal URIs, such as resource:, and in doing so bypass a page's…
CVE-2021-29951 — CVSS 6.5 (medium): The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN|Users which, in a domain network, grants normal remote users access…
CVE-2021-23982 — CVSS 6.5 (medium): Using techniques that built on the slipstream research, a malicious webpage could have scanned both an internal network's hosts as well as…
CVE-2021-29945 — CVSS 6.5 (medium): The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash. *Note: This issue…
CVE-2022-34471 — CVSS 6.5 (medium): When downloading an update for an addon, the downloaded addon update's version was not verified to match the version selected from the…
CVE-2021-23998 — CVSS 6.5 (medium): Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. This…
CVE-2022-22742 — CVSS 6.5 (medium): When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access causing a potentially exploitable…
CVE-2022-40957 — CVSS 6.5 (medium): Inconsistent data in instruction and data cache when creating wasm code could lead to a potentially exploitable crash.<br>*This bug only…
CVE-2022-40958 — CVSS 6.5 (medium): By injecting a cookie with certain special characters, an attacker on a shared subdomain which is not a secure context could set and thus…
CVE-2022-40959 — CVSS 6.5 (medium): During iframe navigation, certain pages did not have their FeaturePolicy fully initialized leading to a bypass that leaked device…
CVE-2022-40960 — CVSS 6.5 (medium): Concurrent use of the URL parser with non-UTF-8 data was not thread-safe. This could lead to a use-after-free causing a potentially…
CVE-2021-29987 — CVSS 6.5 (medium): After requesting multiple permissions, and closing the first permission panel, subsequent permission panels will be displayed in a…
CVE-2022-26386 — CVSS 6.5 (medium): Previously Firefox for macOS and Linux would download temporary files to a user-specific directory in <code>/tmp</code>, but this behavior…
CVE-2022-28282 — CVSS 6.5 (medium): By using a link with <code>rel="localization"</code> a use-after-free could have been triggered by destroying an object during JavaScript…
CVE-2022-28285 — CVSS 6.5 (medium): When generating the assembly code for <code>MLoadTypedArrayElementHole</code>, an incorrect AliasSet was used. In conjunction with another…
CVE-2022-42929 — CVSS 6.5 (medium): If a website called `window.print()` in a particular way, it could cause a denial of service of the browser, which may persist beyond…
CVE-2022-29914 — CVSS 6.5 (medium): When reusing existing popups Firefox would have allowed them to cover the fullscreen notification UI, which could have enabled browser…
CVE-2022-29916 — CVSS 6.5 (medium): Firefox behaved slightly differently for already known resources when loading CSS resources involving CSS variables. This could have been…
CVE-2021-29983 — CVSS 6.5 (medium): Firefox for Android could get stuck in fullscreen mode and not exit it even after normal interactions that should cause it to exit. *Note…
CVE-2021-29982 — CVSS 6.5 (medium): Due to incorrect JIT optimization, we incorrectly interpreted data from the wrong type of object, resulting in the potential leak of a…
CVE-2022-31738 — CVSS 6.5 (medium): When exiting fullscreen mode, an iframe could have confused the browser about the current state of fullscreen, resulting in potential user…
CVE-2022-45403 — CVSS 6.5 (medium): Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media…
CVE-2022-45404 — CVSS 6.5 (medium): Through a series of popup and <code>window.print()</code> calls, an attacker can cause a window to go fullscreen without the user seeing…
CVE-2021-38497 — CVSS 6.5 (medium): Through use of reportValidity() and window.open(), a plain-text validation message could have been overlaid on another origin, leading to…
CVE-2021-38505 — CVSS 6.5 (medium): Microsoft introduced a new feature in Windows 10 known as Cloud Clipboard which, if enabled, will record data copied to the clipboard to…
CVE-2021-38507 — CVSS 6.5 (medium): The Opportunistic Encryption feature of HTTP2 (RFC 8164) allows a connection to be transparently upgraded to TLS while retaining the visual…
CVE-2022-46875 — CVSS 6.5 (medium): The executable file warning was not presented when downloading .atloc and .ftploc files, which can run commands on a user's computer…
CVE-2021-38492 — CVSS 6.5 (medium): When delegating navigations to the operating system, Firefox would accept the `mk` scheme which might allow attackers to launch pages and…
CVE-2021-43536 — CVSS 6.5 (medium): Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL. This vulnerability…
CVE-2021-23984 — CVSS 6.5 (medium): A malicious extension could have opened a popup window lacking an address bar. The title of the popup lacking an address bar should not be…
CVE-2021-43541 — CVSS 6.5 (medium): When invoking protocol handlers for external protocols, a supplied parameter URL containing spaces was not properly escaped. This…
CVE-2021-43542 — CVSS 6.5 (medium): Using XMLHttpRequest, an attacker could have identified installed applications by probing error messages for loading external protocols…
CVE-2021-43545 — CVSS 6.5 (medium): Using the Location API in a loop could have caused severe application hangs and crashes. This vulnerability affects Thunderbird < 91.4.0…
CVE-2022-1097 — CVSS 6.5 (medium): <code>NSSToken</code> objects were referenced via direct points, and could have been accessed in an unsafe way on different threads…
CVE-2022-1196 — CVSS 6.5 (medium): After a VR Process is destroyed, a reference to it may have been retained and used, leading to a use-after-free and potentially exploitable…
CVE-2022-38472 — CVSS 6.5 (medium): An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the…
CVE-2022-45416 — CVSS 6.5 (medium): Keyboard events reference strings like "KeyA" that were at fixed, known, and widely-spread addresses. Cache-based timing attacks such as…
CVE-2022-22739 — CVSS 6.5 (medium): Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. This vulnerability…
CVE-2022-22760 — CVSS 6.5 (medium): When importing resources using Web Workers, error messages would distinguish the difference between <code>application/javascript</code>…
CVE-2022-22745 — CVSS 6.5 (medium): Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations. This vulnerability affects…
CVE-2022-22747 — CVSS 6.5 (medium): After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This…
CVE-2022-22748 — CVSS 6.5 (medium): Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a program and handling an external URL…
CVE-2022-45420 — CVSS 6.5 (medium): Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe…
CVE-2022-22754 — CVSS 6.5 (medium): If a user installed an extension of a particular type, the extension could have auto-updated itself and while doing so, bypass the prompt…
CVE-2022-34478 — CVSS 6.5 (medium): The <code>ms-msdt</code>, <code>search</code>, and <code>search-ms</code> protocols deliver content to Microsoft applications, bypassing…
CVE-2022-34479 — CVSS 6.5 (medium): A malicious website that could create a popup could have resized the popup to overlay the address bar with its own content, resulting in…
CVE-2022-45408 — CVSS 6.5 (medium): Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification…
CVE-2022-46880 — CVSS 6.5 (medium): A missing check related to tex units could have led to a use-after-free and potentially exploitable crash.<br />*Note*: This advisory was…
CVE-2022-45410 — CVSS 6.5 (medium): When a ServiceWorker intercepted a request with <code>FetchEvent</code>, the origin of the request was lost after the ServiceWorker took…
CVE-2022-34475 — CVSS 6.1 (medium): SVG <code><use></code> tags that referenced a same-origin document could have resulted in script execution if attacker input was…
CVE-2022-29911 — CVSS 6.1 (medium): An improper implementation of the new iframe sandbox keyword <code>allow-top-navigation-by-user-activation</code> could lead to script…
CVE-2021-43543 — CVSS 6.1 (medium): Documents loaded with the CSP sandbox directive could have escaped the sandbox's script restriction by embedding additional content. This…
CVE-2022-34474 — CVSS 6.1 (medium): Even when an iframe was sandboxed with <code>allow-top-navigation-by-user-activation</code>, if it received a redirect header to an…
CVE-2022-45418 — CVSS 6.1 (medium): If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting…
CVE-2022-45411 — CVSS 6.1 (medium): Cross-Site Tracing occurs when a server will echo a request back via the Trace method, allowing an XSS attack to access to authorization…
CVE-2022-34473 — CVSS 6.1 (medium): The HTML Sanitizer should have sanitized the <code>href</code> attribute of SVG <code><use></code> tags; however it incorrectly did…
CVE-2022-40956 — CVSS 6.1 (medium): When injecting an HTML base element, some requests would ignore the CSP's base-uri settings and accept the injected element's base instead…
CVE-2022-29912 — CVSS 6.1 (medium): Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. This vulnerability affects Thunderbird <…
CVE-2022-22746 — CVSS 5.9 (medium): A race condition could have allowed bypassing the fullscreen notification which could have lead to a fullscreen window spoof being…
CVE-2022-36314 — CVSS 5.5 (medium): When opening a Windows shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network…
CVE-2022-28286 — CVSS 5.4 (medium): Due to a layout change, iframe contents could have been rendered outside of its border. This could have led to user confusion or spoofing…
CVE-2022-36318 — CVSS 5.3 (medium): When visiting directory listings for `chrome://` URLs as source text, some parameters were reflected. This vulnerability affects Firefox…
CVE-2021-38509 — CVSS 4.3 (medium): Due to an unusual sequence of attacker-controlled events, a Javascript alert() dialog with arbitrary (although unstyled) contents could be…
CVE-2021-38508 — CVSS 4.3 (medium): By displaying a form validity message in the correct location at the same time as a permission prompt (such as for geolocation), the…
CVE-2022-26383 — CVSS 4.3 (medium): When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification. This vulnerability…
CVE-2022-34472 — CVSS 4.3 (medium): If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in…
CVE-2021-43546 — CVSS 4.3 (medium): It was possible to recreate previous cursor spoofing attacks against users with a zoomed native cursor. This vulnerability affects…
CVE-2022-22743 — CVSS 4.3 (medium): When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to…
CVE-2021-43538 — CVSS 4.3 (medium): By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full…
CVE-2021-38506 — CVSS 4.3 (medium): Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to…