CVE-2022-36319 Overflow and transform can interfere with each other, resulting in unpredictable mouse behavior.
This issue was fixed in Firefox ESR version 10.2.
CVEs assigned: CVE-2018-5602
Internal parser could be used to find sensitive data when feeding from a file
Firefox and Firefox ESR 10.2 is affected by a vulnerability which could allow an attacker to use the internal parser to find sensitive data when feeding from a file. CVE-2018-5602 has been assigned for this issue.
Timeline
Published on: 12/22/2022 20:15:00 UTC
Last modified on: 01/04/2023 02:17:00 UTC
References
- https://www.mozilla.org/security/advisories/mfsa2022-31/
- https://www.mozilla.org/security/advisories/mfsa2022-30/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1737722
- https://www.mozilla.org/security/advisories/mfsa2022-32/
- https://www.mozilla.org/security/advisories/mfsa2022-28/
- https://www.mozilla.org/security/advisories/mfsa2022-29/
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36319