CVE-2022-45416
CVSS v3.1
6.5 (Medium)
EPSS
0.12 % (47th)
Affected Products
3
Advisories
34
Keyboard events reference strings like "KeyA" that were at fixed, known, and widely-spread addresses. Cache-based timing attacks such as Prime+Probe could have possibly figured out which keys were being pressed. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
Weaknesses
- CWE-203
- Observable Discrepancy
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2022-12-22 20:15:44
(21 months ago) - Updated Date
-
2023-01-04 19:43:35
(20 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...