The Mozilla Foundation has patched three High risk vulnerabilities in Firefox 99, as well as a number of other bug fixes.
An attacker could exploit these vulnerabilities to take control of impacted systems.
As part of Mozilla Foundation Security Advisory 2022-13, Firefox 99 addressed the following three High severity vulnerabilities:
- CVE-2022-1097: Use-after-free in NSSToken objects
- CVE-2022-28281: Out of bounds write due to unexpected WebAuthN Extensions
- CVE-2022-28289: Memory safety bugs fixed in Firefox 99 and Firefox ESR 91.8.
To add, four Moderate and three Low risk vulnerabilities were also patched.