CVE-2022-22755

By using XSL Transforms, a malicious webserver could have served a user an XSL document that would continue to execute JavaScript within the bounds of the same-origin policy even after the tab was closed. This vulnerability affects Firefox 97...

CVE-2022-0843

Mozilla developers Kershaw Chang, Ryan VanderMeulen, and Randell Jesup reported memory safety bugs present in Firefox 97. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerabilit...

CVE-2022-0843

Mozilla developers Kershaw Chang, Ryan VanderMeulen, and Randell Jesup reported memory safety bugs present in Firefox 97. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerabilit...

CVE-2022-0843

Mozilla developers Kershaw Chang, Ryan VanderMeulen, and Randell Jesup reported memory safety bugs present in Firefox 97. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerabilit...

Mozilla: Memory safety bugs fixed in Firefox 97 and Firefox ESR 91.6

The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers and community members Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96 and Firefox ESR 91.5. Some of these bugs showed evidence of memory corruption, some of which could...

Mozilla: Memory safety bugs fixed in Firefox 97 and Firefox ESR 91.6

The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers and community members Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96 and Firefox ESR 91.5. Some of these bugs showed evidence of memory corruption, some of which could...

Mozilla: Memory safety bugs fixed in Firefox 97 and Firefox ESR 91.6

The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers and community members Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96 and Firefox ESR 91.5. Some of these bugs showed evidence of memory corruption, some of which could...

Mozilla: Memory safety bugs fixed in Firefox 97 and Firefox ESR 91.6

The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers and community members Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96 and Firefox ESR 91.5. Some of these bugs showed evidence of memory corruption, some of which could...

Mozilla: Memory safety bugs fixed in Firefox 97 and Firefox ESR 91.6

The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers and community members Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96 and Firefox ESR 91.5. Some of these bugs showed evidence of memory corruption, some of which could...

CVE-2022-22759

If a document created a sandboxed iframe without allow-scripts, and subsequently appended an element to the iframe's document that e.g. had a JavaScript event handler - the event handler would have run despite the iframe's sandbox. This vulnerability affects Firefox 97, Thunderbird 91.6, and...

CVE-2022-22755

By using XSL Transforms, a malicious webserver could have served a user an XSL document that would continue to execute JavaScript within the bounds of the same-origin policy even after the tab was closed. This vulnerability affects Firefox 97...