Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:USN-5284-1
HistoryFeb 14, 2022 - 3:13 p.m.

firefox vulnerabilities

2022-02-1415:13:33
Google
osv.dev
11
firefox
security
vulnerabilities
denial of service
bypass
sensitive information
code execution
extension
auto-update
permissions bypass
image
executable
remote agent
webdriver.

AI Score

8.6

Confidence

High

EPSS

0.003

Percentile

65.6%

JSON

Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, bypass security
restrictions, obtain sensitive information, or execute arbitrary code.
(CVE-2022-0511, CVE-2022-22755, CVE-2022-22759, CVE-2022-22760,
CVE-2022-22761, CVE-2022-22764)

It was discovered that extensions of a particular type could auto-update
themselves and bypass the prompt that requests permissions. If a user
were tricked into installing a specially crafted extension, an attacker
could potentially exploit this to bypass security restrictions.
(CVE-2022-22754)

It was discovered that dragging and dropping an image into a folder could
result in it being marked as executable. If a user were tricked into
dragging and dropping a specially crafted image, an attacker could
potentially exploit this to execute arbitrary code. (CVE-2022-22756)

It was discovered that Remote Agent, used in WebDriver, did not validate
Host or Origin headers. If a user were tricked into opening a specially
crafted website with WebDriver enabled, an attacker could potentially
exploit this to connect back to the user’s browser in order to control
it. (CVE-2022-22757)

Related

openvas 23
nessus 42
ubuntu 2
redos 1
kaspersky 3
mozilla 3
osv 11
redhat 10
oraclelinux 4
debian 4
centos 2
almalinux 2
rocky 2
mageia 2
suse 3
slackware 1
altlinux 2
hivepro 1
cve 9
cnvd 6
prion 9
ubuntucve 9
veracode 9
cvelist 8
alpinelinux 8
nvd 8
amazon 1
debiancve 8
redhatcve 6
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2022-04) - Linux
2022-02-09 00:00:00
Ubuntu: Security Advisory (USN-5284-1)
2022-02-15 00:00:00
Mozilla Firefox Security Advisories (MFSA2022-04, MFSA2022-05) - Mac OS X
2022-02-10 00:00:00
nessus
nessus
Ubuntu 18.04 LTS / 20.04 LTS : Firefox vulnerabilities (USN-5284-1)
2022-02-14 00:00:00
Mozilla Firefox < 97.0
2022-02-08 00:00:00
Mozilla Firefox < 97.0
2022-02-08 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2022-02-14 00:00:00
Thunderbird vulnerabilities
2022-03-23 00:00:00
redos
redos
ROS-20220210-01
2022-02-10 00:00:00
kaspersky
kaspersky
KLA12448 Multiple vulnerabilities in Mozilla Firefox
2022-02-08 00:00:00
KLA12449 Multiple vulnerabilities in Mozilla Firefox ESR
2022-02-08 00:00:00
KLA12460 Multiple vulnerabilities in Mozilla Thunderbird
2022-02-08 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Firefox 97 — Mozilla
2022-02-08 00:00:00
Security Vulnerabilities fixed in Firefox ESR 91.6 — Mozilla
2022-02-08 00:00:00
Security Vulnerabilities fixed in Thunderbird 91.6 — Mozilla
2022-02-08 00:00:00
osv
osv
MozillaFirefox-97.0-1.1 on GA media
2024-06-15 00:00:00
Important: thunderbird security update
2022-02-15 10:03:34
Important: firefox security update
2022-02-14 08:13:38
redhat
redhat
(RHSA-2022:0539) Important: thunderbird security update
2022-02-15 10:03:54
(RHSA-2022:0514) Important: firefox security update
2022-02-14 08:14:45
(RHSA-2022:0536) Important: thunderbird security update
2022-02-15 10:03:36
oraclelinux
oraclelinux
firefox security update
2022-02-14 00:00:00
firefox security update
2022-02-16 00:00:00
thunderbird security update
2022-02-15 00:00:00
debian
debian
[SECURITY] [DLA 2916-1] firefox-esr security update
2022-02-09 19:26:32
[SECURITY] [DSA 5069-1] firefox-esr security update
2022-02-09 18:28:30
[SECURITY] [DSA 5074-1] thunderbird security update
2022-02-13 16:26:01
centos
centos
thunderbird security update
2022-02-15 22:57:09
firefox security update
2022-02-15 22:56:11
almalinux
almalinux
Important: thunderbird security update
2022-02-15 10:03:34
Important: firefox security update
2022-02-14 08:13:38
rocky
rocky
thunderbird security update
2022-02-15 10:03:34
firefox security update
2022-02-14 08:13:38
mageia
mageia
Updated thunderbird packages fix security vulnerabilities
2022-02-12 20:31:35
Updated firefox packages fix security vulnerability
2022-02-12 20:31:35
suse
suse
Security update for MozillaFirefox (important)
2022-03-04 00:00:00
Security update for MozillaThunderbird (important)
2022-02-23 00:00:00
Security update for MozillaFirefox (moderate)
2022-03-03 00:00:00
slackware
slackware
[slackware-security] mozilla-firefox
2022-02-10 02:06:53
altlinux
altlinux
Security fix for the ALT Linux 10 package thunderbird version 91.6.0-alt1
2022-02-17 00:00:00
Security fix for the ALT Linux 10 package firefox-esr version 91.6.0-alt1
2022-02-16 00:00:00
hivepro
hivepro
Multiple vulnerabilities affect Mozilla Firefox and Firefox ESR
2022-02-14 06:10:51
cve
cve
CVE-2022-22757
2022-12-22 20:15:18
CVE-2022-22755
2022-12-22 20:15:18
CVE-2022-22764
2022-12-22 20:15:20
cnvd
cnvd
Mozilla Firefox Access Control Error Vulnerability (CNVD-2023-03068)
2022-12-30 00:00:00
Mozilla Firefox Resource Misuse Vulnerability
2022-12-30 00:00:00
Mozilla Firefox Information Disclosure Vulnerability (CNVD-2023-59031)
2023-01-04 00:00:00
prion
prion
Default configuration
2022-12-22 20:15:00
Out-of-bounds
2022-12-22 20:15:00
Security feature bypass
2022-12-22 20:15:00
ubuntucve
ubuntucve
CVE-2022-22755
2022-02-09 00:00:00
CVE-2022-22757
2022-02-09 00:00:00
CVE-2022-22760
2022-02-09 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2022-02-11 19:16:52
Denial Of Service (DoS)
2022-02-14 09:43:18
Privilege Escalation
2022-02-09 07:00:55
cvelist
cvelist
CVE-2022-22755
2022-12-22 00:00:00
CVE-2022-22757
2022-12-22 00:00:00
CVE-2022-22764
2022-12-22 00:00:00
alpinelinux
alpinelinux
CVE-2022-22757
2022-12-22 20:15:18
CVE-2022-22755
2022-12-22 20:15:18
CVE-2022-22756
2022-12-22 20:15:18
nvd
nvd
CVE-2022-22757
2022-12-22 20:15:18
CVE-2022-22755
2022-12-22 20:15:18
CVE-2022-22759
2022-12-22 20:15:19
amazon
amazon
Important: thunderbird
2022-03-07 23:34:00
debiancve
debiancve
CVE-2022-22757
2022-12-22 20:15:18
CVE-2022-22755
2022-12-22 20:15:18
CVE-2022-22759
2022-12-22 20:15:19
redhatcve
redhatcve
CVE-2022-22756
2022-02-10 19:47:57
CVE-2022-22760
2022-02-10 19:48:07
CVE-2022-22759
2022-02-10 19:48:02

AI Score

8.6

Confidence

High

EPSS

0.003

Percentile

65.6%

JSON
Related for OSV:USN-5284-1
openvas23nessus42ubuntu2redos1kaspersky3mozilla3osv11redhat10oraclelinux4debian4centos2almalinux2rocky2mageia2suse3slackware1altlinux2hivepro1cve9cnvd6prion9ubuntucve9veracode9cvelist8alpinelinux8nvd8amazon1debiancve8redhatcve6