all InfoSec news
Update Firefox products now to fix critical vulnerabilities
DEV Community dev.to
During the Pwn2Own Vancouver 2022 hacking event, Manfred Paul demonstrated an attack on the Firefox browser that involves two types of vulnerabilities: prototype pollution (CVE-2022-1802), and improper input validation (CVE-2022-1529). The attack took about 8 seconds to perform, resulting in a sandbox escape and eventually controlling the victim's operating system. In practice, users can be affected right after visiting a malicious website on a vulnerable system.
Two days after the demonstration, Mozilla released Firefox 100.0.2, Firefox …
critical critical vulnerabilities discuss firefox fix products security update vulnerabilities webdev