QID 377768

Firefox is a free and open-source web browser developed for Windows, OS X, and Linux, with a mobile version for Android.

Mozilla Firefox is prone to
CVE-2022-45403: Service Workers might have learned size of cross-origin media files
CVE-2022-45404: Fullscreen notification bypass
CVE-2022-45405: Use-after-free in InputStream implementation
CVE-2022-45406: Use-after-free of a JavaScript Realm
CVE-2022-45407: Loading fonts on workers was not thread-safe
CVE-2022-45408: Fullscreen notification bypass via windowName
CVE-2022-45409: Use-after-free in Garbage Collection
CVE-2022-45410: ServiceWorker-intercepted requests bypassed SameSite cookie policy
CVE-2022-45411: Cross-Site Tracing was possible via non-standard override headers
CVE-2022-45412: Symlinks may resolve to partially uninitialized buffers
CVE-2022-45413: SameSite=Strict cookies could have been sent cross-site via intent URLs
CVE-2022-40674: Use-after-free vulnerability in expat
CVE-2022-45415: Downloaded file may have been saved with malicious extension
CVE-2022-45416: Keystroke Side-Channel Leakage
CVE-2022-45417: Service Workers in Private Browsing Mode may have been written to disk
CVE-2022-45418: Custom mouse cursor could have been drawn over browser UI
CVE-2022-45419: Deleting a security exception did not take effect immediately
CVE-2022-45420: Iframe contents could be rendered outside the iframe
CVE-2022-45421: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5

Affected Products:
Prior to Firefox 107

QID Detection Logic (Authenticated) :
This checks for vulnerable version of Firefox browser.

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.