Vulnerabilities > Mozilla > Firefox > 2.0.0.17

DATE CVE VULNERABILITY TITLE RISK
2022-12-22 CVE-2022-22764 Out-of-bounds Write vulnerability in Mozilla Firefox
Mozilla developers Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96 and Firefox ESR 91.5.
network
low complexity
mozilla CWE-787
8.8
2022-12-22 CVE-2022-28285 Out-of-bounds Read vulnerability in Mozilla Firefox ESR
When generating the assembly code for <code>MLoadTypedArrayElementHole</code>, an incorrect AliasSet was used.
network
low complexity
mozilla CWE-125
6.5
2022-12-22 CVE-2022-29917 Out-of-bounds Write vulnerability in Mozilla Thunderbird
Mozilla developers Andrew McCreight, Gabriele Svelto, Tom Ritter and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99 and Firefox ESR 91.8.
network
low complexity
mozilla CWE-787
critical
9.8
2022-12-22 CVE-2022-31740 Unspecified vulnerability in Mozilla Firefox ESR
On arm64, WASM code could have resulted in incorrect assembly generation leading to a register allocation problem, and a potentially exploitable crash.
network
low complexity
mozilla
8.8
2022-12-22 CVE-2022-31741 Use of Uninitialized Resource vulnerability in Mozilla Firefox
A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption.
network
low complexity
mozilla CWE-908
8.8
2022-12-22 CVE-2022-31744 Cross-site Scripting vulnerability in Mozilla Firefox ESR
An attacker could have injected CSS into stylesheets accessible via internal URIs, such as resource:, and in doing so bypass a page's Content Security Policy.
network
low complexity
mozilla CWE-79
6.5
2022-12-22 CVE-2022-31747 Use After Free vulnerability in Mozilla Firefox
Mozilla developers Andrew McCreight, Nicolas B.
network
low complexity
mozilla CWE-416
critical
9.8
2022-12-22 CVE-2022-34484 Use After Free vulnerability in Mozilla Firefox
The Mozilla Fuzzing Team reported potential vulnerabilities present in Thunderbird 91.10.
network
low complexity
mozilla CWE-416
8.8
2022-12-22 CVE-2022-38472 Origin Validation Error vulnerability in Mozilla Thunderbird
An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar.
network
low complexity
mozilla CWE-346
6.5
2022-12-22 CVE-2022-38473 Improper Preservation of Permissions vulnerability in Mozilla Thunderbird
A cross-origin iframe referencing an XSLT document would inherit the parent domain's permissions (such as microphone or camera access).
network
low complexity
mozilla CWE-281
8.8