Vulnerabilities > Mozilla > Firefox > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-22 | CVE-2022-46872 | Unspecified vulnerability in Mozilla Firefox An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages.<br>*This bug only affects Thunderbird for Linux. | 8.6 |
| 2022-12-22 | CVE-2022-46873 | Injection vulnerability in Mozilla Firefox Because Firefox did not implement the <code>unsafe-hashes</code> CSP directive, an attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able to inject executable script. | 8.8 |
| 2022-12-22 | CVE-2022-46874 | Unspecified vulnerability in Mozilla Firefox A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. | 8.8 |
| 2022-12-22 | CVE-2022-46878 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.5. | 8.8 |
| 2022-12-22 | CVE-2022-46879 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers and community members Lukas Bernhard, Gabriele Svelto, Randell Jesup, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 107. | 8.8 |
| 2022-12-22 | CVE-2022-46881 | Out-of-bounds Write vulnerability in Mozilla Firefox An optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a potentially exploitable crash. *Note*: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. | 8.8 |
| 2022-12-22 | CVE-2022-46883 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers Gabriele Svelto, Yulia Startsev, Andrew McCreight and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 106. | 8.8 |
| 2022-12-22 | CVE-2022-46885 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers Timothy Nikkel, Ashley Hale, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105. | 8.8 |
| 2022-11-19 | CVE-2022-4066 | Improper Resource Shutdown or Release vulnerability in multiple products A vulnerability was found in davidmoreno onion. | 8.2 |
| 2021-12-08 | CVE-2021-38504 | Use After Free vulnerability in multiple products When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-free could have resulted, leading to memory corruption and a potentially exploitable crash. | 8.8 |