CVE search results

681 – 690 of 2921 results

Detailed view

Sort by:

CVE-2022-34472

Medium priority

Fixed

If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown. This vulnerability affects Firefox < 102, Firefox ESR < 91.11,...

2 affected packages

firefox, thunderbird

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	Not affected	Fixed	Fixed
thunderbird	—	Fixed	Fixed	Fixed

CVE-2022-34471

Medium priority

Fixed

When downloading an update for an addon, the downloaded addon update's version was not verified to match the version selected from the manifest. If the manifest had been tampered with on the server, an attacker could trick the...

1 affected package

firefox

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	Not affected	Fixed	Fixed

CVE-2022-34470

Medium priority

Fixed

Session history navigations may have led to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.

2 affected packages

firefox, thunderbird

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	Not affected	Fixed	Fixed
thunderbird	—	Fixed	Fixed	Fixed

CVE-2022-34468

Medium priority

Fixed

An iframe that was not permitted to run scripts could do so if the user clicked on a <code>javascript:</code> link. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.

2 affected packages

firefox, thunderbird

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	Not affected	Fixed	Fixed
thunderbird	—	Fixed	Fixed	Fixed

CVE-2022-2200

Medium priority

Fixed

If an object prototype was corrupted by an attacker, they would have been able to set undesired attributes on a JavaScript object, leading to privileged code execution. This vulnerability affects Firefox < 102, Firefox ESR <...

2 affected packages

firefox, thunderbird

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	Not affected	Fixed	Fixed
thunderbird	—	Fixed	Fixed	Fixed

CVE-2022-31748

Medium priority

Some fixes available 3 of 12

Mozilla developers Gabriele Svelto, Timothy Nikkel, Randell Jesup, Jon Coppeard, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100. Some of these bugs showed evidence of memory corruption and we...

6 affected packages

mozjs78, firefox, mozjs38, mozjs52, mozjs68, mozjs91

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mozjs78	Not in release	Ignored	Not in release	Not in release
firefox	Not affected	Not affected	Fixed	Fixed
mozjs38	Not in release	Not in release	Not in release	Ignored
mozjs52	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Ignored	Not in release
mozjs91	Not in release	Ignored	Not in release	Not in release

CVE-2022-31747

Medium priority

Some fixes available 11 of 20

Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100 and Firefox ESR 91.9. Some of these bugs showed evidence of memory corruption and we presume...

8 affected packages

mozjs78, firefox, firefox-esr, mozjs38, mozjs52...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mozjs78	Not in release	Ignored	Not in release	Not in release
firefox	Not affected	Not affected	Fixed	Fixed
firefox-esr	—	—	—	—
mozjs38	Not in release	Not in release	Not in release	Ignored
mozjs52	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Ignored	Not in release
mozjs91	Not in release	Ignored	Not in release	Not in release
thunderbird	Fixed	Fixed	Fixed	Fixed

CVE-2022-31745

Medium priority

Some fixes available 3 of 12

If array shift operations are not used, the Garbage Collector may have become confused about valid objects. This vulnerability affects Firefox < 101.

6 affected packages

firefox, mozjs38, mozjs52, mozjs78, mozjs68, mozjs91

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Fixed	Fixed
mozjs38	Not in release	Not in release	Not in release	Ignored
mozjs52	Not in release	Not in release	Ignored	Ignored
mozjs78	Not in release	Ignored	Not in release	Not in release
mozjs68	Not in release	Not in release	Ignored	Not in release
mozjs91	Not in release	Ignored	Not in release	Not in release

CVE-2022-31744

Medium priority

Some fixes available 11 of 20

An attacker could have injected CSS into stylesheets accessible via internal URIs, such as resource:, and in doing so bypass a page's Content Security Policy. This vulnerability affects Firefox ESR < 91.11, Thunderbird < 102,...

7 affected packages

firefox, mozjs38, thunderbird, mozjs68, mozjs78...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Fixed	Fixed
mozjs38	Not in release	Not in release	Not in release	Ignored
thunderbird	Fixed	Fixed	Fixed	Fixed
mozjs68	Not in release	Not in release	Ignored	Not in release
mozjs78	Not in release	Ignored	Not in release	Not in release
mozjs91	Not in release	Ignored	Not in release	Not in release
mozjs52	Not in release	Not in release	Ignored	Ignored

CVE-2022-31743

Medium priority

Some fixes available 3 of 12

Firefox's HTML parser did not correctly interpret HTML comment tags, resulting in an incongruity with other browsers. This could have been used to escape HTML comments on pages that put user-controlled data in them. This...

6 affected packages

mozjs68, mozjs78, mozjs91, firefox, mozjs38, mozjs52

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mozjs68	Not in release	Not in release	Ignored	Not in release
mozjs78	Not in release	Ignored	Not in release	Not in release
mozjs91	Not in release	Ignored	Not in release	Not in release
firefox	Not affected	Not affected	Fixed	Fixed
mozjs38	Not in release	Not in release	Not in release	Ignored
mozjs52	Not in release	Not in release	Ignored	Ignored

Export to JSON

Results by page:

Search CVE reports