Mozilla Firefox and Thunderbird Critical Vulnerabilities
The Mozilla Foundation has published an advisory regarding two Critical vulnerabilities in Firefox, Firefox ESR, Firefox for Android, and the Thunderbird e-mail client.
CVE-2022-1802 and CVE-2022-1529 are both Javascript sandbox-escape vulnerabilities resulting in code execution with escalated privileges.
You can read more about the technicalities of the vulnerabilities here – sign-up required.
We recommend updating the affected products immediately.
Fixed versions
Firefox 100.0.2
Firefox ESR 91.9.1
Firefox for Android 100.3
Thunderbird 91.9.1