Vulnerabilities > Mozilla > Firefox ESR
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-22 | CVE-2022-1196 | Use After Free vulnerability in Mozilla Firefox ESR After a VR Process is destroyed, a reference to it may have been retained and used, leading to a use-after-free and potentially exploitable crash. | 6.5 |
| 2022-12-22 | CVE-2022-1529 | Unspecified vulnerability in Mozilla Thunderbird An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype pollution and ultimately attacker-controlled JavaScript executing in the privileged parent process. | 8.8 |
| 2022-12-22 | CVE-2022-1802 | Unspecified vulnerability in Mozilla Thunderbird If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. | 8.8 |
| 2022-12-22 | CVE-2022-22737 | Race Condition vulnerability in Mozilla Firefox Constructing audio sinks could have lead to a race condition when playing audio files and closing windows. | 7.5 |
| 2022-12-22 | CVE-2022-22738 | Out-of-bounds Write vulnerability in Mozilla Firefox Applying a CSS filter effect could have accessed out of bounds memory. | 8.8 |
| 2022-12-22 | CVE-2022-22739 | Unspecified vulnerability in Mozilla Firefox Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. | 6.5 |
| 2022-12-22 | CVE-2022-22740 | Use After Free vulnerability in Mozilla Firefox Certain network request objects were freed too early when releasing a network request handle. | 8.8 |
| 2022-12-22 | CVE-2022-22741 | Unspecified vulnerability in Mozilla Firefox When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. | 7.5 |
| 2022-12-22 | CVE-2022-22742 | Out-of-bounds Read vulnerability in Mozilla Firefox When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access causing a potentially exploitable crash. | 6.5 |
| 2022-12-22 | CVE-2022-22743 | Unspecified vulnerability in Mozilla Firefox When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode. | 4.3 |