CVE-2022-42929
MEDIUM WAF: Medium
CVSS 6.5
Published: 2022-12-22
CWE-400
If a website called `window.print()` in a particular way, it could cause a denial of service of the browser, which may persist beyond browser restart depending on the user's session restore settings. This vulnerability affects Firefox < 106, Firefox ESR < 102.4, and Thunderbird < 102.4.
WAF Coverage Analysis
Uncontrolled Resource Consumption
Medium WAF Coverage
OWASP: A05:2021 Security Misconfiguration
912xxx - DOS Protection
Affected Software
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | up to 106.0 |
| mozilla | firefox_esr | up to 102.4 |
| mozilla | thunderbird | up to 102.4 |
References
- bugzilla.mozilla.org (Issue Tracking, Permissions Required)
- www.mozilla.org (Vendor Advisory)
- www.mozilla.org (Vendor Advisory)
- www.mozilla.org (Vendor Advisory)