CVE-2022-45417
Summary
| CVE | CVE-2022-45417 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-12-22 20:15:00 UTC |
| Updated | 2023-01-04 19:42:00 UTC |
| Description | Service Workers did not detect Private Browsing Mode correctly in all cases, which could have led to Service Workers being written to disk for websites visited in Private Browsing Mode. This would not have persisted them in a state where they would run again, but it would have leaked Private Browsing Mode details to disk. This vulnerability affects Firefox < 107. |
Risk And Classification
Problem Types: CWE-1021
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Access Denied | MISC | bugzilla.mozilla.org | |
| Security Vulnerabilities fixed in Firefox 107 — Mozilla | MISC | www.mozilla.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 199028 Ubuntu Security Notification for Firefox Vulnerabilities (USN-5726-1)
- 296098 Oracle Solaris 11.4 Support Repository Update (SRU) 52.132.2 Missing (CPUOCT2022)
- 377768 Mozilla Firefox Multiple Vulnerabilities (MFSA2022-47)
- 710686 Gentoo Linux Mozilla Firefox Multiple Vulnerabilities (GLSA 202211-06)