CVE-2022-34470 Session history navigations may have led to a use-after-free and potentially exploitable crash
It is potentially exploitable, and users who encounter this issue should update as soon as possible. WebExtensions are a new type of add-on that allows
CVE-2022-26381 An attacker could exploit a use-after-free to crash the browser.
A user could enter an unsafe URL in a text field, press enter, and cause a use-after-free resulting in a potentially exploitable crash. This vulnerability
CVE-2022-29912 Requests initiated through reader mode did not properly omit cookies with a SameSite attribute
If a user had a malicious site set as their preferred email provider through an add-on like Preference synchronizer, and then installed an add-on which
CVE-2022-29915 The Performance API did not properly hide the fact whether a request has observed redirects. This issue is resolved.
This issue has been fixed in Firefox version 101.
In Firefox 101, the Performance API incorrectly returned false when the user navigated from an origin
CVE-2022-28286 The layout of the iframe contents could have been changed in a way that could lead to user confusion or spoofing attacks.
Iframes were not rendered outside of their parent window before, as they are now. This could be used to potentially leak data across domains with
Episode
00:00:00
00:00:00