Vulnerabilities > Mozilla > Firefox > 101.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-02 | CVE-2023-32215 | Out-of-bounds Write vulnerability in Mozilla Firefox Memory safety bugs present in Firefox 112 and Firefox ESR 102.10. | 8.8 |
2022-12-22 | CVE-2022-2200 | Unspecified vulnerability in Mozilla Firefox If an object prototype was corrupted by an attacker, they would have been able to set undesired attributes on a JavaScript object, leading to privileged code execution. | 8.8 |
2022-12-22 | CVE-2022-2505 | Out-of-bounds Write vulnerability in Mozilla Thunderbird Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. | 8.8 |
2022-12-22 | CVE-2022-34468 | Unspecified vulnerability in Mozilla Firefox An iframe that was not permitted to run scripts could do so if the user clicked on a <code>javascript:</code> link. | 8.8 |
2022-12-22 | CVE-2022-34469 | Improper Certificate Validation vulnerability in Mozilla Firefox When a TLS Certificate error occurs on a domain protected by the HSTS header, the browser should not allow the user to bypass the certificate error. | 8.1 |
2022-12-22 | CVE-2022-34470 | Use After Free vulnerability in Mozilla Firefox Session history navigations may have led to a use-after-free and potentially exploitable crash. | 9.8 |
2022-12-22 | CVE-2022-34471 | Unspecified vulnerability in Mozilla Firefox When downloading an update for an addon, the downloaded addon update's version was not verified to match the version selected from the manifest. | 6.5 |
2022-12-22 | CVE-2022-34472 | Unspecified vulnerability in Mozilla Firefox If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown. | 4.3 |
2022-12-22 | CVE-2022-34473 | Cross-site Scripting vulnerability in Mozilla Firefox The HTML Sanitizer should have sanitized the <code>href</code> attribute of SVG <code><use></code> tags; however it incorrectly did not sanitize <code>xlink:href</code> attributes. | 6.1 |
2022-12-22 | CVE-2022-34474 | Open Redirect vulnerability in Mozilla Firefox Even when an iframe was sandboxed with <code>allow-top-navigation-by-user-activation</code>, if it received a redirect header to an external protocol the browser would process the redirect and prompt the user as appropriate. | 6.1 |