All errata/p10/ALT-PU-2022-3045-1
ALT-PU-2022-3045-1

Package update firefox-esr in branch p10

Version102.4.0-alt1
Task#309056
Published2022-11-10
Max severityHIGH
Severity:

Closed issues (22)

BDU:2022-06049
HIGH7.5

Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR и почтового клиента Thunderbird, связанная с копированием буфера без проверки размера входных данных, позволяющая нарушителю выполнить произвольный код

Published: 2022-10-03Modified: 2023-03-17
CVSS 3.xHIGH 7.5
CVSS:3.x/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.0HIGH 7.6
CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C
References
BDU:2022-06198
MEDIUM6.1

Уязвимость реализации конфигурации CSP: base-uri браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю обойти ограничения безопасности

Published: 2022-10-12Modified: 2023-03-17
CVSS 3.xMEDIUM 6.1
CVSS:3.x/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVSS 2.0MEDIUM 6.4
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:N
References
BDU:2022-06205
MEDIUM5.8

Уязвимость реализации технологии WASM браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2022-10-12Modified: 2023-03-17
CVSS 3.xMEDIUM 5.8
CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
CVSS 2.0MEDIUM 5.0
CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P
References
BDU:2022-06240
MEDIUM6.1

Уязвимость браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю обойти ограничение безопасного контекста для файлов cookie с префиксом __Host и __Secure и перезаписать эти файлы

Published: 2022-10-12Modified: 2023-03-17
CVSS 3.xMEDIUM 6.1
CVSS:3.x/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVSS 2.0MEDIUM 6.4
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:N
References
BDU:2022-06252
HIGH7.5

Уязвимость браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с использованием памяти после ее освобождения, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании

Published: 2022-10-13Modified: 2023-03-17
CVSS 3.xHIGH 7.5
CVSS:3.x/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.0HIGH 7.6
CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C
References
BDU:2022-06253
HIGH7.5

Уязвимость реализации механизма FeaturePolicy браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю обойти ограничения безопасности

Published: 2022-10-13Modified: 2023-03-17
CVSS 3.xHIGH 7.5
CVSS:3.x/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.0HIGH 7.6
CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C
References
BDU:2022-06516
HIGH8.8

Уязвимость функции Window.print() браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2022-10-28Modified: 2024-04-27
CVSS 3.xHIGH 8.8
CVSS:3.x/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:H
CVSS 2.0CRITICAL 9.0
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:C
References
BDU:2022-06517
HIGH7.5

Уязвимость компонента Garbage Collector («Сборщик мусора») обработчика JavaScript-сценариев JS Engine браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании

Published: 2022-10-28Modified: 2024-04-27
CVSS 3.xHIGH 7.5
CVSS:3.x/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.0HIGH 7.6
CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C
References
BDU:2022-06518
HIGH7.5

Уязвимость метода performance.getEntries() браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю обойти ограничения безопасности и получить несанкционированный доступ к защищаемой информации

Published: 2022-10-28Modified: 2024-04-27
CVSS 3.xHIGH 7.5
CVSS:3.x/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.0HIGH 7.6
CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C
References
BDU:2022-07019
MEDIUM6.1

Уязвимость браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код

Published: 2022-11-28Modified: 2024-04-27
CVSS 3.xMEDIUM 6.1
CVSS:3.x/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVSS 2.0MEDIUM 6.4
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:N
References
BDU:2023-02783
MEDIUM5.5

Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти в процессе некорректного программного рендеринга видео с кодировкой H.264, позволяющая нарушителю выполнить атаку типа «отказ в обслуживании» (DoS)

Published: 2023-05-24Modified: 2024-09-30
CVSS 3.xMEDIUM 5.5
CVSS:3.x/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVSS 2.0MEDIUM 4.9
CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C
References
CVE-2022-3266
MEDIUM5.5

An out-of-bounds read can occur when decoding H264 video. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.

Published: 2022-12-22Modified: 2025-04-15
CVSS 3.xMEDIUM 5.5
CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References
CVE-2022-40956
MEDIUM6.1

When injecting an HTML base element, some requests would ignore the CSP's base-uri settings and accept the injected element's base instead. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.

Published: 2022-12-22Modified: 2025-04-15
CVSS 3.xMEDIUM 6.1
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
References
CVE-2022-40957
MEDIUM6.5

Inconsistent data in instruction and data cache when creating wasm code could lead to a potentially exploitable crash.
*This bug only affects Firefox on ARM64 platforms.*. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.

Published: 2022-12-22Modified: 2025-04-15
CVSS 3.xMEDIUM 6.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References
CVE-2022-40958
MEDIUM6.5

By injecting a cookie with certain special characters, an attacker on a shared subdomain which is not a secure context could set and thus overwrite cookies from a secure context, leading to session fixation and other attacks. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.

Published: 2022-12-22Modified: 2025-04-15
CVSS 3.xMEDIUM 6.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
References
CVE-2022-40959
MEDIUM6.5

During iframe navigation, certain pages did not have their FeaturePolicy fully initialized leading to a bypass that leaked device permissions into untrusted subdocuments. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.

Published: 2022-12-22Modified: 2025-04-15
CVSS 3.xMEDIUM 6.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
References
CVE-2022-40960
MEDIUM6.5

Concurrent use of the URL parser with non-UTF-8 data was not thread-safe. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.

Published: 2022-12-22Modified: 2025-04-15
CVSS 3.xMEDIUM 6.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References
CVE-2022-40962
HIGH8.8

Mozilla developers Nika Layzell, Timothy Nikkel, Sebastian Hengst, Andreas Pehrson, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 104 and Firefox ESR 102.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.

Published: 2022-12-22Modified: 2025-04-15
CVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References
CVE-2022-42927
HIGH8.1

A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via `performance.getEntries()`. This vulnerability affects Firefox < 106, Firefox ESR < 102.4, and Thunderbird < 102.4.

Published: 2022-12-22Modified: 2025-04-15
CVSS 3.xHIGH 8.1
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
References
CVE-2022-42928
HIGH8.8

Certain types of allocations were missing annotations that, if the Garbage Collector was in a specific state, could have lead to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 106, Firefox ESR < 102.4, and Thunderbird < 102.4.

Published: 2022-12-22Modified: 2025-04-15
CVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References
CVE-2022-42929
MEDIUM6.5

If a website called `window.print()` in a particular way, it could cause a denial of service of the browser, which may persist beyond browser restart depending on the user's session restore settings. This vulnerability affects Firefox < 106, Firefox ESR < 102.4, and Thunderbird < 102.4.

Published: 2022-12-22Modified: 2025-04-15
CVSS 3.xMEDIUM 6.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References
CVE-2022-42932
HIGH8.8

Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105 and Firefox ESR 102.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 106, Firefox ESR < 102.4, and Thunderbird < 102.4.

Published: 2022-12-22Modified: 2025-04-15
CVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References