Vulnerabilities > Mozilla > VPN > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-22 | CVE-2020-15679 | Session Fixation vulnerability in Mozilla VPN 1.0.7/1.1.0 An OAuth session fixation vulnerability existed in the VPN login flow, where an attacker could craft a custom login URL, convince a VPN user to login via that URL, and obtain authenticated access as that user. | 7.6 |
| 2022-12-22 | CVE-2022-0517 | Unrestricted Upload of File with Dangerous Type vulnerability in Mozilla VPN Mozilla VPN can load an OpenSSL configuration file from an unsecured directory. | 7.8 |