The Mozilla Foundation has patched two High risk vulnerabilities in Firefox 106, as well as a number of other bug fixes.
An attacker could exploit these vulnerabilities to take control of impacted systems.
According to the Mozilla Foundation Security Advisory 2022-44, Firefox 106 addressed the following two High severity vulnerabilities:
- CVE-2022-42927: Same-origin policy violation could have leaked cross-origin URLs.
- CVE-2022-42928: Memory Corruption in JS Engine.
Moreover, the Firefox 106 update also addressed three other vulnerabilities rated Moderate or Low severity.
Also, Mozilla released updates for Mozilla Firefox ESR 102.4.
Released Articles
- Mozilla releases Firefox 105 with fixes for 3 High severity vulnerabilities
- Google releases Chrome 106 (106.0.5249.119) security update with fixes for 6 High severity vulnerabilities
- Microsoft October 2022 Security Updates addresses 84 vulnerabilities (13 rated Critical, 2 zero-days)
- Microsoft releases out-of-band patch for Endpoint Configuration Manager
- Apple patches vulnerabilities in iOS 16, iOS 15.7, macOS Monterey 12.6, Big Sur 11.7 and other products