CVE-2022-22760
Summary
| CVE | CVE-2022-22760 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2022-12-22 20:15:00 UTC |
|---|
| Updated | 2022-12-30 14:03:00 UTC |
|---|
| Description | When importing resources using Web Workers, error messages would distinguish the difference between <code>application/javascript</code> responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6. |
|---|
NVD Known Affected Configurations (CPE 2.3)
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 159631 Oracle Enterprise Linux Security Update for firefox (ELSA-2022-0510)
- 159632 Oracle Enterprise Linux Security Update for firefox (ELSA-2022-0514)
- 159633 Oracle Enterprise Linux Security Update for thunderbird (ELSA-2022-0535)
- 159634 Oracle Enterprise Linux Security Update for thunderbird (ELSA-2022-0538)
- 179060 Debian Security Update for firefox-esr (DSA 5069-1)
- 179061 Debian Security Update for firefox-esr (DLA 2916-1)
- 179071 Debian Security Update for thunderbird (DSA 5074-1)
- 179073 Debian Security Update for thunderbird (DLA 2921-1)
- 182096 Debian Security Update for firefox-esrthunderbird (CVE-2022-22760)
- 198663 Ubuntu Security Notification for Firefox Vulnerabilities (USN-5284-1)
- 198711 Ubuntu Security Notification for Thunderbird Vulnerabilities (USN-5345-1)
- 240077 Red Hat Update for firefox (RHSA-2022:0514)
- 240079 Red Hat Update for firefox (RHSA-2022:0511)
- 240080 Red Hat Update for firefox (RHSA-2022:0512)
- 240081 Red Hat Update for firefox (RHSA-2022:0510)
- 240082 Red Hat Update for thunderbird (RHSA-2022:0536)
- 240083 Red Hat Update for thunderbird (RHSA-2022:0535)
- 240084 Red Hat Update for thunderbird (RHSA-2022:0538)
- 240085 Red Hat Update for thunderbird (RHSA-2022:0537)
- 240423 Red Hat Update for thunderbird (RHSA-2022:0539)
- 240427 Red Hat Update for firefox (RHSA-2022:0513)
- 257153 CentOS Security Update for thunderbird (CESA-2022:0538)
- 257154 CentOS Security Update for firefox (CESA-2022:0514)
- 296062 Oracle Solaris 11.4 Support Repository Update (SRU) 43.113.3 Missing (CPUJAN2022)
- 353193 Amazon Linux Security Advisory for thunderbird : ALAS2-2022-1763
- 353982 Amazon Linux Security Advisory for thunderbird : ALAS2-2022-1818
- 376387 Mozilla Firefox Multiple Vulnerabilities (MFSA2022-04)
- 376388 Mozilla Firefox ESR Multiple Vulnerabilities (MFSA2022-05)
- 376402 Mozilla Thunderbird Multiple Vulnerabilities (MFSA2022-06)
- 502073 Alpine Linux Security Update for firefox-esr
- 502385 Alpine Linux Security Update for thunderbird
- 502688 Alpine Linux Security Update for firefox
- 505452 Alpine Linux Security Update for thunderbird
- 710574 Gentoo Linux Mozilla Firefox Multiple Vulnerabilities (GLSA 202202-03)
- 710585 Gentoo Linux Mozilla Thunderbird Multiple Vulnerabilities (GLSA 202208-14)
- 751758 OpenSUSE Security Update for MozillaThunderbird (openSUSE-SU-2022:0559-1)
- 751761 SUSE Enterprise Linux Security Update for MozillaFirefox (SUSE-SU-2022:0565-1)
- 751777 SUSE Enterprise Linux Security Update for MozillaFirefox (SUSE-SU-2022:0676-1)
- 751786 SUSE Enterprise Linux Security Update for MozillaFirefox (SUSE-SU-2022:0696-1)
- 751827 OpenSUSE Security Update for MozillaFirefox (openSUSE-SU-2022:40696-1)
- 753305 SUSE Enterprise Linux Security Update for MozillaFirefox (SUSE-SU-2022:14896-1)
- 940453 AlmaLinux Security Update for firefox (ALSA-2022:0510)
- 940454 AlmaLinux Security Update for thunderbird (ALSA-2022:0535)
- 960811 Rocky Linux Security Update for firefox (RLSA-2022:0510)
- 960872 Rocky Linux Security Update for thunderbird (RLSA-2022:0535)
