Home > Vulnerability Database > CVE-2022-29916

Mend.io Vulnerability Database

CVE-2022-29916

Date: December 21, 2022

Firefox behaved slightly differently for already known resources when loading CSS resources involving CSS variables. This could have been used to probe the browser history. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.

Language: C++

Severity Score

6.5

Related Resources (10)

Url: https://security-tracker.debian.org/tracker/CVE-2022-29916

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2022-29916

Url: https://nvd.nist.gov/vuln/detail/CVE-2022-29916

Url: https://security.alpinelinux.org/vuln/CVE-2022-29916

Url: https://www.mozilla.org/security/advisories/mfsa2022-18/

Url: https://www.mozilla.org/security/advisories/mfsa2022-17/

Url: https://www.mozilla.org/security/advisories/mfsa2022-16/

Url: https://access.redhat.com/security/cve/CVE-2022-29916

Url: https://bugzilla.mozilla.org/show_bug.cgi?id=1760674

Url: https://www.mend.io/vulnerability-database/CVE-2022-29916

Severity Score

6.5

Weakness Type (CWE)

Exposure of Sensitive Information to an Unauthorized Actor

CWE-200

Insufficient Information

NVD-CWE-noinfo

CVSS v3.1

Base Score:	6.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	NONE
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2022-29916

Date: December 21, 2022

Language: C++

Severity Score

Related Resources (10)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?