CVE-2022-26382

Published: Dec 22, 2022

Modified: Apr 16, 2025

PUBLISHED

Description

While the text displayed in Autofill tooltips cannot be directly read by JavaScript, the text was rendered using page fonts. Side-channel attacks on the text by using specially crafted fonts could have lead to this text being inferred by the webpage. This vulnerability affects Firefox < 98.

Vendor	Product	Versions
Mozilla	Firefox	affected `unspecified - < 98`

References

https://www.mozilla.org/security/advisories/mfsa2022-10/

https://bugzilla.mozilla.org/show_bug.cgi?id=1741888

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-26382

Description

Affected Products

References