CVE-2022-22760 - How Firefox Leaked Cross-Origin Resource Information via Web Workers
In early 2022, Mozilla patched a subtle yet impactful security flaw that affected Firefox, Firefox ESR, and Thunderbird. Tracked as CVE-2022-22760, this vulnerability exposed a
CVE-2022-28286 The layout of the iframe contents could have been changed in a way that could lead to user confusion or spoofing attacks.
Iframes were not rendered outside of their parent window before, as they are now. This could be used to potentially leak data across domains with
CVE-2022-34470 Session history navigations may have led to a use-after-free and potentially exploitable crash
It is potentially exploitable, and users who encounter this issue should update as soon as possible. WebExtensions are a new type of add-on that allows
CVE-2022-26381 An attacker could exploit a use-after-free to crash the browser.
A user could enter an unsafe URL in a text field, press enter, and cause a use-after-free resulting in a potentially exploitable crash. This vulnerability
CVE-2022-29912 Requests initiated through reader mode did not properly omit cookies with a SameSite attribute
If a user had a malicious site set as their preferred email provider through an add-on like Preference synchronizer, and then installed an add-on which
Episode
00:00:00
00:00:00