Vulnerabilities > Mozilla
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-22 | CVE-2022-1197 | Improper Certificate Validation vulnerability in Mozilla Thunderbird When importing a revoked key that specified key compromise as the revocation reason, Thunderbird did not update the existing copy of the key that was not yet revoked, and the existing key was kept as non-revoked. | 5.4 |
| 2022-12-22 | CVE-2022-1520 | Unspecified vulnerability in Mozilla Thunderbird When viewing an email message A, which contains an attached message B, where B is encrypted or digitally signed or both, Thunderbird may show an incorrect encryption or signature status. | 4.3 |
| 2022-12-22 | CVE-2022-1529 | Unspecified vulnerability in Mozilla Thunderbird An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype pollution and ultimately attacker-controlled JavaScript executing in the privileged parent process. | 8.8 |
| 2022-12-22 | CVE-2022-1802 | Unspecified vulnerability in Mozilla Thunderbird If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. | 8.8 |
| 2022-12-22 | CVE-2022-1834 | Improper Certificate Validation vulnerability in Mozilla Thunderbird When displaying the sender of an email, and the sender name contained the Braille Pattern Blank space character multiple times, Thunderbird would have displayed all the spaces. | 6.5 |
| 2022-12-22 | CVE-2022-1887 | SQL Injection vulnerability in Mozilla Firefox The search term could have been specified externally to trigger SQL injection. | 9.8 |
| 2022-12-22 | CVE-2022-22736 | Uncontrolled Search Path Element vulnerability in Mozilla Firefox If Firefox was installed to a world-writable directory, a local privilege escalation could occur when Firefox searched the current directory for system libraries. | 7.0 |
| 2022-12-22 | CVE-2022-22737 | Race Condition vulnerability in Mozilla Firefox Constructing audio sinks could have lead to a race condition when playing audio files and closing windows. | 7.5 |
| 2022-12-22 | CVE-2022-22738 | Out-of-bounds Write vulnerability in Mozilla Firefox Applying a CSS filter effect could have accessed out of bounds memory. | 8.8 |
| 2022-12-22 | CVE-2022-22739 | Unspecified vulnerability in Mozilla Firefox Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. | 6.5 |