CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2022/12/22 8:15 p.m.•6 views

CVE-2022-45410

6.5CVSS8.7AI score

Prion•added 2022/12/22 8:15 p.m.•19 views

Design/Logic Flaw

4.3CVSS6.8AI score0.00744EPSS

Exploits0References4Affected Software3

Vulnrichment•added 2022/12/22 12:0 a.m.•4 views

CVE-2022-45410

6.3AI score0.00744EPSS

CVE•added 2022/12/22 12:0 a.m.•188 views

CVE-2022-45410

CVE-2022-45410 : When a ServiceWorker intercepted a request with a FetchEvent, the origin of the request could be lost after the ServiceWorker took ownership, negating SameSite cookie protections. Affected: Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox

6.5CVSS7.1AI score0.00744EPSS

Exploits0References4Affected Software3

AlpineLinux•added 2022/12/22 12:0 a.m.•25 views

CVE-2022-45410

6.5CVSS7.5AI score0.00744EPSS

Exploits0

Debian CVE•added 2022/12/22 12:0 a.m.•34 views

CVE-2022-45410

6.5CVSS8.1AI score0.00744EPSS

Exploits0

Tenable Nessus•added 2022/11/23 12:0 a.m.•33 views

Oracle Linux 8 : thunderbird (ELSA-2022-8547)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-8547 advisory. 102.5.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 102.5.0-2 - Update to 102.5.0 build2 102.5.0-1 -...

9.8CVSS7.4AI score0.01061EPSS

Exploits0References14

RedHat Linux•added 2022/11/21 12:37 p.m.•2 views

Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy

The Mozilla Foundation Security Advisory describes this flaw as: When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec...

RedHat Linux•added 2022/11/21 12:35 p.m.•3 views

Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy

RedHat Linux•added 2022/11/21 11:35 a.m.•1 views

Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy

RedHat Linux•added 2022/11/21 11:29 a.m.•18 views

Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy

Tenable Nessus•added 2022/11/21 12:0 a.m.•22 views

AlmaLinux 8 : thunderbird (ALSA-2022:8547)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2022:8547 advisory. - Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined with...

9.8CVSS7.8AI score0.01061EPSS

Exploits0References14

Veracode•added 2022/11/19 6:49 p.m.•27 views

Authentication Bypass

firefox is vulnerable to authentication bypass. The vulnerability exists when a ServiceWorker intercepted a request with FetchEvent which allows an attacker to bypass SameSite cookie policy by sending malicious requests...

6.5CVSS8.2AI score0.00744EPSS

Exploits0References5Affected Software6

OpenVAS•added 2022/11/18 12:0 a.m.•15 views

SUSE: Security Advisory (SUSE-SU-2022:4058-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.1AI score0.01061EPSS

RedhatCVE•added 2022/11/16 11:26 a.m.•31 views

CVE-2022-45410

6.1CVSS3.6AI score0.00744EPSS

Exploits0References5

UbuntuCve•added 2022/11/16 12:0 a.m.•27 views

CVE-2022-45410

6.5CVSS6.8AI score0.00744EPSS