CVE-2022-40959

🗓️ 22 Dec 2022 20:39:15Reported by [email protected]Type

Certain pages lack FeaturePolicy initialization, leading to permission leakage in untrusted subdocuments

Reporter	Title	Published	Views	Family All 157
Veracode	Authentication Bypass	1 Oct 202218:51	–	veracode
Cvelist	CVE-2022-40959	22 Dec 202200:00	–	cvelist
Debian CVE	CVE-2022-40959	22 Dec 202220:15	–	debiancve
AlpineLinux	CVE-2022-40959	22 Dec 202220:15	–	alpinelinux
CVE	CVE-2022-40959	22 Dec 202220:15	–	cve
Prion	Design/Logic Flaw	22 Dec 202220:15	–	prion
RedhatCVE	CVE-2022-40959	8 Mar 202322:22	–	redhatcve
UbuntuCve	CVE-2022-40959	28 Sep 202200:00	–	ubuntucve
OpenVAS	Mageia: Security Advisory (MGASA-2022-0347)	26 Sep 202200:00	–	openvas
OpenVAS	Mageia: Security Advisory (MGASA-2022-0344)	22 Sep 202200:00	–	openvas

Nvd

Node

mozilla firefoxRange<105.0

mozilla firefox_esrRange<102.3

mozilla thunderbirdRange<102.3

Source	Link
mozilla	www.mozilla.org/security/advisories/mfsa2022-42/
mozilla	www.mozilla.org/security/advisories/mfsa2022-40/
bugzilla	www.bugzilla.mozilla.org/show_bug.cgi
mozilla	www.mozilla.org/security/advisories/mfsa2022-41/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

22 Dec 2022 20:15Current

CVSS36.5

EPSS0.00106

CWE-922