Mozilla releases Firefox 105 with fixes for 3 High severity vulnerabilities

The Mozilla Foundation has patched four High risk vulnerabilities in Firefox 105, as well as a number of other bug fixes.

An attacker could exploit these vulnerabilities to take control of impacted systems.

According to the Mozilla Foundation Security Advisory 2022-40, Firefox 105 addressed the following three High severity vulnerabilities:

  1. CVE-2022-40959: Bypassing FeaturePolicy restrictions on transient pages.
  2. CVE-2022-40960: Data-race when parsing non-UTF-8 URLs in threads.
  3. CVE-2022-40962: Memory safety bugs.

Moreover, the Firefox 105 update also addressed four other vulnerabilities rated Moderate or Low severity.

Mozilla released updates for Mozilla Firefox ESR 102.3, and ThunderBird 91.13.1.

Released Articles