CVE-2022-40959 (firefox, firefox_esr, thunderbird) | allinfosecnews.com

Dec. 22, 2022, 8:15 p.m. |

National Vulnerability Database web.nvd.nist.gov

During iframe navigation, certain pages did not have their FeaturePolicy fully initialized leading to a bypass that leaked device permissions into untrusted subdocuments. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.

cve cve-2022-40959 firefox thunderbird

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 6 months ago | web.nvd.nist.gov

attackers cve denial of service issue +1

CVE-2023-40101 (android) 6 months ago | web.nvd.nist.gov

android check collapse cve +7

CVE-2023-21377 (android) 6 months ago | web.nvd.nist.gov

android bypass cve disclosure +8

CVE-2023-21380 (android) 6 months ago | web.nvd.nist.gov

android bluetooth buffer buffer overflow +9

CVE-2023-21382 (android) 6 months ago | web.nvd.nist.gov

access android check cve +11

CVE-2023-21381 (android) 6 months ago | web.nvd.nist.gov

android arbitrary code code code execution +10

CVE-2023-21385 (android) 6 months ago | web.nvd.nist.gov

android corruption cve disclosure +7

CVE-2023-21387 (android) 6 months ago | web.nvd.nist.gov

android backup bypass cve +11

CVE-2023-21389 (android) 6 months ago | web.nvd.nist.gov

android bypass check cve +10

Information Assurance Security Specialist (IASS)

@ OBXtek Inc. | United States

View on infosec-jobs.com

Cyber Security Technology Analyst

@ Airbus | Bengaluru (Airbus)

View on infosec-jobs.com

Vice President, Cyber Operations Engineer

@ BlackRock | LO9-London - Drapers Gardens

View on infosec-jobs.com

Cryptography Software Developer

@ Intel | USA - AZ - Chandler

View on infosec-jobs.com

Lead Consultant, Geology

@ WSP | Richmond, VA, United States

View on infosec-jobs.com

BISO Cybersecurity Director

@ ABM Industries | Alpharetta, GA, United States

View on infosec-jobs.com