Mozilla: >> Firefox Esr >> 102.2 Security Vulnerabilities
An out-of-bounds read can occur when decoding H264 video. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-12-22
When injecting an HTML base element, some requests would ignore the CSP's base-uri settings and accept the injected element's base instead. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.
CVSS Score
6.1
EPSS Score
0.002
Published
2022-12-22
Inconsistent data in instruction and data cache when creating wasm code could lead to a potentially exploitable crash.<br>*This bug only affects Firefox on ARM64 platforms.*. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.
CVSS Score
6.5
EPSS Score
0.001
Published
2022-12-22
Page 17