CVE-2022-26486 An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw.
The issue is triggered when WebGPU is enabled in a site and a malformed message is received by the browser. By sending a malformed message,
CVE-2022-31747 Memory safety bugs were found in Firefox 100 and Firefox ESR 91.9.
It has been reported that some Windows users may have encountered crashes when visiting some websites or receiving unexpected content. If you happen to be
CVE-2022-34485 Mozilla developers found vulnerabilities in Firefox 101.
It is highly recommended to upgrade your installations to latest stable version as soon as possible. For Debian/Ubuntu users there are repositories with latest
CVE-2022-45420 An attacker could use tables inside iframes to spoof contents or confuse users.
Due to the limitations of HTML tables, iframe contents could not be placed relative to other content, and they could not be opened in new
CVE-2022-36315 Subresource Integrity protects against script reuse when an injection attack occurs.
If the integrity service is enabled for a script, it can be triggered by injecting a fake script that appears to come from a trusted
Episode
00:00:00
00:00:00