Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.8
CVSSv3

CVE-2022-46873

Published: 22/12/2022 Updated: 03/05/2023
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 0
Subscribe to Mozilla

Vulnerability Summary

Because Firefox did not implement the <code>unsafe-hashes</code> CSP directive, an attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able to inject executable script. This would be severely constrained by the specified Content Security Policy of the document. This vulnerability affects Firefox < 108.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

mozilla firefox

Vendor Advisories

Ubuntu Security Notice: USN-5782-2: Firefox regressions
USN-5782-1 caused some minor regressions in Firefox ...
Ubuntu Security Notice: USN-5782-3: Firefox regressions
USN-5782-1 caused some minor regressions in Firefox ...
Ubuntu Security Notice: USN-5782-1: Firefox vulnerabilities
Several security issues were fixed in Firefox ...

References

CWE-74https://bugzilla.mozilla.org/show_bug.cgi?id=1644790https://www.mozilla.org/security/advisories/mfsa2022-51/https://security.gentoo.org/glsa/202305-06https://nvd.nist.govhttps://ubuntu.com/security/notices/USN-5782-2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryptionCVE-2024-4331CVE-2024-26925arbitrary codeCVE-2006-4304CVE-2024-25458CVE-2024-27077reflected XSSCVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook