CVE-2022-26382

While the text displayed in Autofill tooltips cannot be directly read by JavaScript, the text was rendered using page fonts. Side-channel attacks on the text by using specially crafted fonts could have lead to this text being inferred by the webpage. This vulnerability affects Firefox < 98.

CVSS v3 4.3 MEDIUM

4.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://bugzilla.mozilla.org/show_bug.cgi?id=1741888	Exploit Issue Tracking Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2022-10/	Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=1741888	Exploit Issue Tracking Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2022-10/	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

History

21 Nov 2024, 06:53

Type	Values Removed	Values Added
References	~~() https://bugzilla.mozilla.org/show_bug.cgi?id=1741888 - Exploit, Issue Tracking, Vendor Advisory~~	() https://bugzilla.mozilla.org/show_bug.cgi?id=1741888 - Exploit, Issue Tracking, Vendor Advisory
References	~~() https://www.mozilla.org/security/advisories/mfsa2022-10/ - Vendor Advisory~~	() https://www.mozilla.org/security/advisories/mfsa2022-10/ - Vendor Advisory

Information

Published : 2022-12-22 20:15

Updated : 2024-11-21 06:53

NVD link : CVE-2022-26382

Mitre link : CVE-2022-26382

CVE.ORG link : CVE-2022-26382

JSON object : View

Products Affected

mozilla

firefox

CWE

CWE-203

Observable Discrepancy

{"id": "CVE-2022-26382", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2022-12-22T20:15:21.230", "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1741888", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "source": "security@mozilla.org"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2022-10/", "tags": ["Vendor Advisory"], "source": "security@mozilla.org"}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1741888", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2022-10/", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-203"}]}], "descriptions": [{"lang": "en", "value": "While the text displayed in Autofill tooltips cannot be directly read by JavaScript, the text was rendered using page fonts. Side-channel attacks on the text by using specially crafted fonts could have lead to this text being inferred by the webpage. This vulnerability affects Firefox < 98."}, {"lang": "es", "value": "Si bien JavaScript no puede leer directamente el texto que se muestra en la informaci\u00f3n sobre herramientas de Autocompletar, el texto se represent\u00f3 utilizando fuentes de p\u00e1gina. Los ataques de canal lateral al texto mediante el uso de fuentes especialmente manipuladas podr\u00edan haber llevado a que la p\u00e1gina web infiera este texto. Esta vulnerabilidad afecta a Firefox < 98."}], "lastModified": "2024-11-21T06:53:53.150", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43B912E3-7770-4946-8AAD-ED9055634619", "versionEndExcluding": "98.0"}], "operator": "OR"}]}], "sourceIdentifier": "security@mozilla.org"}