VDB
GCVE-110-MAGEIA-2022-93
GCVE-110-MAGEIA-2022-93
Advisory Published
An attacker could have caused a use-after-free by forcing a text reflow in an
SVG object leading to a potentially exploitable crash (CVE-2022-26381).
When resizing a popup after requesting fullscreen access, the popup would not
display the fullscreen notification (CVE-2022-26383).
If an attacker could control the contents of an iframe sandboxed with
allow-popups but not allow-scripts, they were able to craft a link that, when
clicked, would lead to JavaScript execution in violation of the sandbox
(CVE-2022-26384).
Previously Firefox for macOS and Linux would download temporary files to a
user-specific directory in /tmp, but this behavior was changed to download
them to /tmp where they could be affected by other local users. This behavior
was reverted to the original, user-specific directory (CVE-2022-26386).
When installing an add-on, Firefox verified the signature before prompting
the user; but while the user was confirming the prompt, the underlying add-on
file could have been modified and Firefox would not have noticed
(CVE-2022-26387).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | binutils | 0 (affected), 2.36.1-1.4.mga8 (unaffected) | — |
| Mageia | firefox-l10n | 0 (affected), 0 (affected), 91.7.0-1.mga8 (unaffected), 91.7.0-1.mga8 (unaffected) | — |
| Mageia | firefox | 0 (affected), 91.7.0-1.mga8 (unaffected), 0 (affected), 91.7.0-1.mga8 (unaffected) | — |
Browse GCVE Records
73,866 records in the GCVE database · Updated July 19, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.