Vulnerabilities > Mozilla > Firefox ESR > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-22 | CVE-2022-22738 | Out-of-bounds Write vulnerability in Mozilla Firefox Applying a CSS filter effect could have accessed out of bounds memory. | 8.8 |
| 2022-12-22 | CVE-2022-22740 | Use After Free vulnerability in Mozilla Firefox Certain network request objects were freed too early when releasing a network request handle. | 8.8 |
| 2022-12-22 | CVE-2022-22741 | Unspecified vulnerability in Mozilla Firefox When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. | 7.5 |
| 2022-12-22 | CVE-2022-22744 | Improper Encoding or Escaping of Output vulnerability in Mozilla Firefox The constructed curl command from the "Copy as curl" feature in DevTools was not properly escaped for PowerShell. | 8.8 |
| 2022-12-22 | CVE-2022-22751 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. | 8.8 |
| 2022-12-22 | CVE-2022-22753 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Mozilla Firefox A Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) Service that could be abused to grant Users write access to an arbitrary directory. | 7.1 |
| 2022-12-22 | CVE-2022-22756 | Unspecified vulnerability in Mozilla Firefox If a user was convinced to drag and drop an image to their desktop or other folder, the resulting object could have been changed into an executable script which would have run arbitrary code after the user clicked on it. | 8.8 |
| 2022-12-22 | CVE-2022-22761 | Unspecified vulnerability in Mozilla Firefox Web-accessible extension pages (pages with a moz-extension:// scheme) were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension's Content Security Policy. | 8.8 |
| 2022-12-22 | CVE-2022-22763 | Unspecified vulnerability in Mozilla Firefox When a worker is shutdown, it was possible to cause script to run late in the lifecycle, at a point after where it should not be possible. | 8.8 |
| 2022-12-22 | CVE-2022-22764 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96 and Firefox ESR 91.5. | 8.8 |