| CVE-2022-31747 |
High |
Yes |
Arbitrary code execution |
|
| CVE-2022-31742 |
Medium |
Unknown |
Information disclosure |
An attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key... |
| CVE-2022-31741 |
High |
Yes |
Information disclosure |
A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption. |
| CVE-2022-31738 |
High |
Yes |
Content spoofing |
When exiting fullscreen mode, an iframe could have confused the browser about the current state of fullscreen, resulting in potential user confusion or... |
| CVE-2022-31737 |
High |
Yes |
Arbitrary code execution |
A malicious webpage could have caused an out-of-bounds write in WebGL, leading to memory corruption and a potentially exploitable crash. |
| CVE-2022-31736 |
High |
Yes |
Information disclosure |
A malicious website could have learned the size of a cross-origin resource that supported Range requests. |
| CVE-2022-1834 |
High |
Yes |
Content spoofing |
When displaying the sender of an email, and the sender name contained the Braille Pattern Blank space character multiple times, Thunderbird would have... |