VDB
GCVE-110-MAGEIA-2022-428
GCVE-110-MAGEIA-2022-428
Advisory Published
Service Workers might have learned size of cross-origin media files.
(CVE-2022-45403)
Fullscreen notification bypass. (CVE-2022-45404)
Use-after-free in InputStream implementation. (CVE-2022-45405)
Use-after-free of a JavaScript Realm. (CVE-2022-45406)
Fullscreen notification bypass via windowName. (CVE-2022-45408)
Use-after-free in Garbage Collection. (CVE-2022-45409)
ServiceWorker-intercepted requests bypassed SameSite cookie policy.
(CVE-2022-45410)
Cross-Site Tracing was possible via non-standard override headers.
(CVE-2022-45411)
Symlinks may resolve to partially uninitialized buffers. (CVE-2022-45412)
Keystroke Side-Channel Leakage. (CVE-2022-45416)
Custom mouse cursor could have been drawn over browser UI. (CVE-2022-45418)
Iframe contents could be rendered outside the iframe. (CVE-2022-45420)
Memory safety bugs fixed in Thunderbird 102.5. (CVE-2022-45421)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | thunderbird-l10n | 102.5.0-1.mga8 (unaffected), 0 (affected) | — |
| Mageia | thunderbird | 0 (affected), 102.5.0-1.mga8 (unaffected) | — |
Browse GCVE Records
73,866 records in the GCVE database · Updated July 19, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.