Vulnerabilities > Mozilla > Firefox
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-22 | CVE-2022-22745 | Unspecified vulnerability in Mozilla Firefox Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations. | 6.5 |
| 2022-12-22 | CVE-2022-22746 | Race Condition vulnerability in Mozilla Firefox A race condition could have allowed bypassing the fullscreen notification which could have lead to a fullscreen window spoof being unnoticed.<br>*This bug only affects Firefox for Windows. | 5.9 |
| 2022-12-22 | CVE-2022-22747 | Improper Certificate Validation vulnerability in Mozilla Firefox After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. | 6.5 |
| 2022-12-22 | CVE-2022-22748 | Unspecified vulnerability in Mozilla Firefox Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a program and handling an external URL protocol. | 6.5 |
| 2022-12-22 | CVE-2022-22749 | Unspecified vulnerability in Mozilla Firefox When scanning QR codes, Firefox for Android would have allowed navigation to some URLs that do not point to web content.<br>*This bug only affects Firefox for Android. | 4.3 |
| 2022-12-22 | CVE-2022-22750 | Unspecified vulnerability in Mozilla Firefox By generally accepting and passing resource handles across processes, a compromised content process might have confused higher privileged processes to interact with handles that the unprivileged process should not have access to.<br>*This bug only affects Firefox for Windows and MacOS. | 6.5 |
| 2022-12-22 | CVE-2022-22751 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. | 8.8 |
| 2022-12-22 | CVE-2022-22752 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers Christian Holler and Jason Kratzer reported memory safety bugs present in Firefox 95. | 8.8 |
| 2022-12-22 | CVE-2022-22753 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Mozilla Firefox A Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) Service that could be abused to grant Users write access to an arbitrary directory. | 7.1 |
| 2022-12-22 | CVE-2022-22754 | Incorrect Authorization vulnerability in Mozilla Firefox If a user installed an extension of a particular type, the extension could have auto-updated itself and while doing so, bypass the prompt which grants the new version the new requested permissions. | 6.5 |