Vulnerabilities > Mozilla > Firefox > 95.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-22 | CVE-2022-31741 | Use of Uninitialized Resource vulnerability in Mozilla Firefox A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption. | 8.8 |
| 2022-12-22 | CVE-2022-31744 | Cross-site Scripting vulnerability in Mozilla Firefox ESR An attacker could have injected CSS into stylesheets accessible via internal URIs, such as resource:, and in doing so bypass a page's Content Security Policy. | 6.5 |
| 2022-12-22 | CVE-2022-31747 | Use After Free vulnerability in Mozilla Firefox Mozilla developers Andrew McCreight, Nicolas B. | 9.8 |
| 2022-12-22 | CVE-2022-34484 | Use After Free vulnerability in Mozilla Firefox The Mozilla Fuzzing Team reported potential vulnerabilities present in Thunderbird 91.10. | 8.8 |
| 2022-12-22 | CVE-2022-40962 | Out-of-bounds Write vulnerability in Mozilla Thunderbird Mozilla developers Nika Layzell, Timothy Nikkel, Sebastian Hengst, Andreas Pehrson, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 104 and Firefox ESR 102.2. | 8.8 |
| 2022-12-22 | CVE-2022-42927 | Origin Validation Error vulnerability in Mozilla Firefox A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via `performance.getEntries()`. | 8.1 |
| 2022-12-22 | CVE-2022-42928 | NULL Pointer Dereference vulnerability in Mozilla Firefox Certain types of allocations were missing annotations that, if the Garbage Collector was in a specific state, could have lead to memory corruption and a potentially exploitable crash. | 8.8 |
| 2022-12-22 | CVE-2022-42929 | Unspecified vulnerability in Mozilla Firefox If a website called `window.print()` in a particular way, it could cause a denial of service of the browser, which may persist beyond browser restart depending on the user's session restore settings. | 6.5 |
| 2022-12-22 | CVE-2022-42930 | Race Condition vulnerability in Mozilla Firefox If two Workers were simultaneously initializing their CacheStorage, a data race could have occurred in the `ThirdPartyUtil` component. | 7.1 |
| 2022-12-22 | CVE-2022-42931 | Cleartext Storage of Sensitive Information vulnerability in Mozilla Firefox Logins saved by Firefox should be managed by the Password Manager component which uses encryption to save files on-disk. | 3.3 |