Kururamisa kuburitswa kweFirefox 100.0.2, Firefox ESR 91.9.1 neThunderbird 91.9.1 kwaburitswa, kugadzirisa kusakanganiswa kuviri kwakanzi kwakakosha. Pamakwikwi ePwn2Own 2022 ari kuitika mazuva ano, kushandiswa kwekushanda kwakaratidzwa kwakaita kuti zvikwanise kunzvenga bhokisi rejecha rekuzviparadzanisa nevamwe pakuvhura peji rakagadzirirwa uye kuita kodhi muhurongwa. Munyori wekushandisa akapihwa mubairo we100 zviuru zvemadhora.
Kusagadzikana kwekutanga (CVE-2022-1802) kuripo mukuitwa kweanomirira opareta uye inobvumira nzira dziri muArray chinhu kushatiswa nekushandura prototype pfuma ("prototype pollution"). Kusagadzikana kwechipiri (CVE-2022-1529) kunoita kuti zvikwanise kushandura prototype pfuma paunenge uchigadzira data risingabvumirwe panguva yekunongedza zvinhu zveJavaScript. Kusagadzikana kunobvumira JavaScript kodhi kuti iitwe mune yakasarudzika maitiro evabereki.
Source: opennet.ru