AVG-2728 log

Package firefox
Status Fixed
Severity Critical
Type arbitrary code execution
Affected 100.0.1-1
Fixed 100.0.2-1
Current 103.0.2-1 [extra]
Ticket None
Created Mon May 23 10:43:24 2022
Advisory Pending
Issue Severity Remote Type Description
CVE-2022-1802 Critical Yes Arbitrary code execution
If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of...
CVE-2022-1529 Critical Yes Arbitrary code execution
An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype...
References
https://www.mozilla.org/en-US/security/advisories/mfsa2022-19/