CVE-2022-26382
CVSS v3.1
4.3 (Medium)
EPSS
0.09 % (38th)
Affected Products
1
Advisories
5
While the text displayed in Autofill tooltips cannot be directly read by JavaScript, the text was rendered using page fonts. Side-channel attacks on the text by using specially crafted fonts could have lead to this text being inferred by the webpage. This vulnerability affects Firefox < 98.
Weaknesses
- CWE-203
- Observable Discrepancy
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2022-12-22 20:15:21
(21 months ago) - Updated Date
-
2022-12-30 15:01:20
(20 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...