CVE-2022-46880

CVE-2022-46880 describes a missing check related to tex units that could cause a use-after-free and an exploitable crash. Affected products include Firefox (ESR < 102.6, and Firefox < 105) and Thunderbird

CVE-2022-26485

Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, Thunderbird 91.6.2, and Focus 97.3.0...

CVE-2022-45407

The CVE-2022-45407 entry describes a Firefox vulnerability where loading a font via FontFace() on a background worker could trigger a use-after-free, potentially enabling a crash. Affected product: Mozilla Firefox prior to version 107. Root cause: memory safety issue in handling FontFace() usage ...

CVE-2022-31737

A malicious webpage could have caused an out-of-bounds write in WebGL, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 91.10, Firefox 101, and Firefox ESR 91.10...

CVE-2022-26385

In unusual circumstances, an individual thread may outlive the thread's manager during shutdown. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox 98...

CVE-2022-26381

An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash. This vulnerability affects Firefox 98, Firefox ESR 91.7, and Thunderbird 91.7...

CVE-2022-26385

In unusual circumstances, an individual thread may outlive the thread's manager during shutdown. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox 98...

CVE-2022-46882

CVE-2022-46882 is a use-after-free in WebGL extensions that could cause a crash in affected Mozilla products. Affected software include Firefox versions before 107 and Firefox ESR before 102.6, and Thunderbird before 102.6. The connected documents identify the underlying issue as a use-after-free...

CVE-2022-46880

A missing check related to tex units could have led to a use-after-free and potentially exploitable crash.Note: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. The fix was included in the original release of Firefox 105. This vulnerability affect...

CVE-2022-3266

An out-of-bounds read can occur when decoding H264 video. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and Firefox 105...

CVE-2022-31740

On arm64, WASM code could have resulted in incorrect assembly generation leading to a register allocation problem, and a potentially exploitable crash. This vulnerability affects Thunderbird 91.10, Firefox 101, and Firefox ESR 91.10...

CVE-2022-22737

Constructing audio sinks could have lead to a race condition when playing audio files and closing windows. This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

CVE-2022-1097

NSSToken objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird 91.8, Firefox 99, and Firefox ESR 91.8...

CVE-2022-28282

By using a link with rel="localization" a use-after-free could have been triggered by destroying an object during JavaScript execution and then referencing the object through a freed pointer, leading to a potential exploitable crash. This vulnerability affects Thunderbird 91.8, Firefox 99, and...

CVE-2022-22740

CVE-2022-22740 is confirmed in connected documents as a use-after-free caused by freeing network request objects too early, potentially enabling a crash. Affected products: Firefox ESR < 91.5, Firefox < 96, and Thunderbird

CVE-2022-22742

CVE-2022-22742 is confirmed in connected records as an out-of-bounds memory access in Firefox/Thunderbird when inserting text in edit mode. Affected products include Firefox ESR < 91.5, Firefox < 96, and Thunderbird

CVE-2022-45409

CVE-2022-45409 describes a use-after-free in the garbage collector: GCRuntime::finishCollection could be bypassed, allowing an abort of GC in multiple states/zones and potentially causing a crash that could be exploitable. Affected software includes Firefox ESR < 102.5, Thunderbird < 102.5,...

CVE-2022-45409

The garbage collector could have been aborted in several states and zones and GCRuntime::finishCollection may not have been called, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox ESR 102.5, Thunderbird 102.5, and Firefox 107...

CVE-2021-4128

When transitioning in and out of fullscreen mode, a graphics object was not correctly protected; resulting in memory corruption and a potentially exploitable crash.This bug only affects Firefox on MacOS. Other operating systems are unaffected.. This vulnerability affects Firefox 95...

CVE-2022-45406

If an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may be deleted while references to it lived on in a BaseShape. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR 102.5, Thunderbird 102.5,...