VDB

DEBIAN-CVE-2022-29916

DEBIAN-CVE-2022-29916 PUBLISHED CVSS 6.5 MEDIUM

Firefox behaved slightly differently for already known resources when loading CSS resources involving CSS variables. This could have been used to probe the browser history. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.

Risk Scores

CVSS 3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected Products

VendorProductVersions
Debian:13firefox-esr0, 0, 0
Debian:14thunderbird0, 0, 0
Debian:11thunderbird78.13.0-1, 78.14.0-1, 78.14.0-1
Debian:12firefox-esr0, 0, 0
Debian:12thunderbird0, 0, 0
Debian:13thunderbird0, 0, 0
Debian:11firefox-esr78.14.0, 78.14.0, 78.15.0
Debian:14firefox-esr0, 0, 0

Exploit Intelligence

Timeline

  • Dec 22, 2022 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›