An iframe that was not permitted to run scripts could do so if the user clicked on a <code>javascript:</code> link. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.

Affected configurations

NVD

Node

mozillafirefoxRange<102.0

mozillafirefox_esrRange<91.11

mozillathunderbirdRange<91.11

References

bugzilla.mozilla.org/show_bug.cgi?id=1768537

www.mozilla.org/security/advisories/mfsa2022-24/

www.mozilla.org/security/advisories/mfsa2022-25/

www.mozilla.org/security/advisories/mfsa2022-26/

cve 1

veracode 1

cnvd 1

alpinelinux 1

prion 1

ubuntucve 1

debiancve 1

cvelist 1

redhatcve 1

malwarebytes 1

debian 3

nessus 52

redhat 12

rocky 2

oraclelinux 6

openvas 28

osv 8

centos 2

redos 2

mageia 2

suse 4

mozilla 3

kaspersky 3

almalinux 1

slackware 2

altlinux 2

ubuntu 2

amazon 2

ibm 2

gentoo 2

cve

CVE-2022-34468

2022-12-22 20:15:30

veracode

Authentication Bypass

2022-06-30 22:08:51

cnvd

Mozilla Firefox Security Feature Issue Vulnerability (CNVD-2023-86126)

2023-10-12 00:00:00

alpinelinux

CVE-2022-34468

2022-12-22 20:15:30

prion

Code injection

2022-12-22 20:15:00

ubuntucve

CVE-2022-34468

2022-07-05 00:00:00

debiancve

CVE-2022-34468

2022-12-22 20:15:30

cvelist

CVE-2022-34468

2022-12-22 00:00:00

redhatcve

CVE-2022-34468

2022-06-29 12:36:01

malwarebytes

Update now! Mozilla fixes security vulnerabilities and introduces a new privacy feature for Firefox

2022-06-30 14:01:41

debian

[SECURITY] [DLA 3064-1] firefox-esr security update

2022-06-30 22:06:02

[SECURITY] [DSA 5172-1] firefox-esr security update

2022-06-29 17:25:23

[SECURITY] [DSA 5175-1] thunderbird security update

2022-07-04 19:01:48

nessus

RHEL 8 : firefox (RHSA-2022:5472)

2022-07-01 00:00:00

Debian DSA-5172-1 : firefox-esr - security update

2022-06-30 00:00:00

RHEL 9 : firefox (RHSA-2022:5481)

2022-07-01 00:00:00

redhat

(RHSA-2022:5474) Important: firefox security update

2022-06-30 21:34:20

(RHSA-2022:5477) Important: firefox security update

2022-06-30 21:36:31

(RHSA-2022:5469) Important: firefox security update

2022-06-30 21:27:52

rocky

firefox security update

2022-06-30 21:27:52

thunderbird security update

2022-06-30 21:27:54

oraclelinux

firefox security update

2022-07-01 00:00:00

firefox security update

2022-07-02 00:00:00

firefox security update

2022-07-01 00:00:00

openvas

Debian: Security Advisory (DSA-5172-1)

2022-06-30 00:00:00

Debian: Security Advisory (DLA-3064-1)

2022-07-01 00:00:00

CentOS: Security Advisory for firefox (CESA-2022:5479)

2022-08-03 00:00:00

osv

Important: firefox security update

2022-06-30 21:27:52

firefox-esr - security update

2022-06-29 00:00:00

firefox-esr - security update

2022-06-30 00:00:00

centos

firefox security update

2022-08-02 19:46:35

thunderbird security update

2022-08-02 19:47:27

redos

ROS-20220701-02

2022-07-01 00:00:00

ROS-20220701-03

2022-07-01 00:00:00

mageia

Updated firefox packages fix security vulnerability

2022-07-05 22:11:26

Updated thunderbird packages fix security vulnerability

2022-07-05 22:11:26

suse

Security update for MozillaFirefox (important)

2022-07-07 00:00:00

Security update for MozillaThunderbird (important)

2022-07-07 00:00:00

Security update for MozillaThunderbird (important)

2022-09-15 00:00:00

mozilla

Security Vulnerabilities fixed in Firefox ESR 91.11 — Mozilla

2022-06-28 00:00:00

Security Vulnerabilities fixed in Thunderbird 91.11 and Thunderbird 102 — Mozilla

2022-06-28 00:00:00

Security Vulnerabilities fixed in Firefox 102 — Mozilla

2022-06-28 00:00:00

kaspersky

KLA12576 Multiple vulnerabilities in Mozilla Firefox ESR

2022-06-28 00:00:00

KLA12574 Multiple vulnerabilities in Mozilla Thunderbird

2022-06-28 00:00:00

KLA12575 Multiple vulnerabilities in Mozilla Firefox

2022-06-28 00:00:00

almalinux

Important: thunderbird security update

2022-07-01 00:00:00

slackware

[slackware-security] mozilla-firefox

2022-06-28 19:28:12

[slackware-security] mozilla-thunderbird

2022-07-01 01:07:20

altlinux

Security fix for the ALT Linux 10 package firefox-esr version 91.11.0-alt1

2022-06-29 00:00:00

Security fix for the ALT Linux 10 package thunderbird version 102.0-alt1

2022-06-29 00:00:00

ubuntu

Thunderbird vulnerabilities

2022-07-14 00:00:00

Firefox vulnerabilities

2022-07-05 00:00:00

amazon

Important: thunderbird

2023-02-17 00:11:00

Important: thunderbird

2023-02-17 00:11:00

ibm

Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 102.2ESR) have affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF16 - 2022.4.0

2022-11-15 05:24:36

Security Bulletin: Multiple vulnerabilities in Mozilla Firefox affect IBM Cloud Pak for Multicloud Management Monitoring.

2023-01-31 14:47:39

gentoo

Mozilla Firefox: Multiple Vulnerabilities

2022-08-10 00:00:00

Mozilla Thunderbird: Multiple Vulnerabilities

2022-08-10 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.002 Low

EPSS

Percentile

52.6%

JSON

Related for NVD:CVE-2022-34468

cve1 veracode1 cnvd1 alpinelinux1 prion1 ubuntucve1 debiancve1 cvelist1 redhatcve1 malwarebytes1 debian3 nessus52 redhat12 rocky2 oraclelinux6 openvas28 osv8 centos2 redos2 mageia2 suse4 mozilla3 kaspersky3 almalinux1 slackware2 altlinux2 ubuntu2 amazon2 ibm2 gentoo2