Vulnerabilities > Mozilla
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-22 | CVE-2022-34479 | Unspecified vulnerability in Mozilla Firefox A malicious website that could create a popup could have resized the popup to overlay the address bar with its own content, resulting in potential user confusion or spoofing attacks. | 6.5 |
| 2022-12-22 | CVE-2022-34480 | Access of Uninitialized Pointer vulnerability in Mozilla Firefox Within the <code>lg_init()</code> function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. | 8.8 |
| 2022-12-22 | CVE-2022-34481 | Integer Overflow or Wraparound vulnerability in Mozilla Firefox In the <code>nsTArray_Impl::ReplaceElementsAt()</code> function, an integer overflow could have occurred when the number of elements to replace was too large for the container. | 8.8 |
| 2022-12-22 | CVE-2022-34482 | Unspecified vulnerability in Mozilla Firefox An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. | 8.8 |
| 2022-12-22 | CVE-2022-34483 | Unspecified vulnerability in Mozilla Firefox An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. | 8.8 |
| 2022-12-22 | CVE-2022-34484 | Use After Free vulnerability in Mozilla Firefox The Mozilla Fuzzing Team reported potential vulnerabilities present in Thunderbird 91.10. | 8.8 |
| 2022-12-22 | CVE-2022-34485 | Out-of-bounds Write vulnerability in Mozilla Firefox 101.0/101.0.1 Mozilla developers Bryce Seager van Dyk and the Mozilla Fuzzing Team reported potential vulnerabilities present in Firefox 101. | 9.8 |
| 2022-12-22 | CVE-2022-36314 | Uncontrolled Search Path Element vulnerability in Mozilla Firefox When opening a Windows shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system.<br>This bug only affects Firefox for Windows. | 5.5 |
| 2022-12-22 | CVE-2022-36315 | Unspecified vulnerability in Mozilla Firefox When loading a script with Subresource Integrity, attackers with an injection capability could trigger the reuse of previously cached entries with incorrect, different integrity metadata. | 4.3 |
| 2022-12-22 | CVE-2022-36316 | Open Redirect vulnerability in Mozilla Firefox When using the Performance API, an attacker was able to notice subtle differences between PerformanceEntries and thus learn whether the target URL had been subject to a redirect. | 6.1 |