Vulnerabilities > Mozilla > Thunderbird > 0.7.1

DATE CVE VULNERABILITY TITLE RISK
2022-12-22 CVE-2022-22738 Out-of-bounds Write vulnerability in Mozilla Firefox
Applying a CSS filter effect could have accessed out of bounds memory.
network
low complexity
mozilla CWE-787
8.8
2022-12-22 CVE-2022-22739 Unspecified vulnerability in Mozilla Firefox
Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol.
network
low complexity
mozilla
6.5
2022-12-22 CVE-2022-22740 Use After Free vulnerability in Mozilla Firefox
Certain network request objects were freed too early when releasing a network request handle.
network
low complexity
mozilla CWE-416
8.8
2022-12-22 CVE-2022-22741 Unspecified vulnerability in Mozilla Firefox
When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode.
network
low complexity
mozilla
7.5
2022-12-22 CVE-2022-22742 Out-of-bounds Read vulnerability in Mozilla Firefox
When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access causing a potentially exploitable crash.
network
low complexity
mozilla CWE-125
6.5
2022-12-22 CVE-2022-22743 Unspecified vulnerability in Mozilla Firefox
When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode.
network
low complexity
mozilla
4.3
2022-12-22 CVE-2022-22744 Improper Encoding or Escaping of Output vulnerability in Mozilla Firefox
The constructed curl command from the "Copy as curl" feature in DevTools was not properly escaped for PowerShell.
network
low complexity
mozilla CWE-116
8.8
2022-12-22 CVE-2022-22745 Unspecified vulnerability in Mozilla Firefox
Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations.
network
low complexity
mozilla
6.5
2022-12-22 CVE-2022-22746 Race Condition vulnerability in Mozilla Firefox
A race condition could have allowed bypassing the fullscreen notification which could have lead to a fullscreen window spoof being unnoticed.<br>*This bug only affects Firefox for Windows.
network
high complexity
mozilla CWE-362
5.9
2022-12-22 CVE-2022-22747 Improper Certificate Validation vulnerability in Mozilla Firefox
After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash.
network
low complexity
mozilla CWE-295
6.5