Vulnerabilities > Mozilla > Thunderbird > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-12-22 CVE-2022-1834 Improper Certificate Validation vulnerability in Mozilla Thunderbird
When displaying the sender of an email, and the sender name contained the Braille Pattern Blank space character multiple times, Thunderbird would have displayed all the spaces.
network
low complexity
mozilla CWE-295
6.5
2022-12-22 CVE-2022-22739 Unspecified vulnerability in Mozilla Firefox
Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol.
network
low complexity
mozilla
6.5
2022-12-22 CVE-2022-22742 Out-of-bounds Read vulnerability in Mozilla Firefox
When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access causing a potentially exploitable crash.
network
low complexity
mozilla CWE-125
6.5
2022-12-22 CVE-2022-22743 Unspecified vulnerability in Mozilla Firefox
When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode.
network
low complexity
mozilla
4.3
2022-12-22 CVE-2022-22745 Unspecified vulnerability in Mozilla Firefox
Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations.
network
low complexity
mozilla
6.5
2022-12-22 CVE-2022-22746 Race Condition vulnerability in Mozilla Firefox
A race condition could have allowed bypassing the fullscreen notification which could have lead to a fullscreen window spoof being unnoticed.<br>*This bug only affects Firefox for Windows.
network
high complexity
mozilla CWE-362
5.9
2022-12-22 CVE-2022-22747 Improper Certificate Validation vulnerability in Mozilla Firefox
After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash.
network
low complexity
mozilla CWE-295
6.5
2022-12-22 CVE-2022-22748 Unspecified vulnerability in Mozilla Firefox
Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a program and handling an external URL protocol.
network
low complexity
mozilla
6.5
2022-12-22 CVE-2022-22754 Incorrect Authorization vulnerability in Mozilla Firefox
If a user installed an extension of a particular type, the extension could have auto-updated itself and while doing so, bypass the prompt which grants the new version the new requested permissions.
network
low complexity
mozilla CWE-863
6.5
2022-12-22 CVE-2022-22760 Information Exposure Through an Error Message vulnerability in Mozilla Firefox
When importing resources using Web Workers, error messages would distinguish the difference between <code>application/javascript</code> responses and non-script responses.
network
low complexity
mozilla CWE-209
6.5