Litokollo tse lokisoang tsa Firefox 100.0.2, Firefox ESR 91.9.1 le Thunderbird 91.9.1 li hatisitsoe, ho lokisa mefokolo e 'meli e lekantsoeng e le ea bohlokoa. Tlholisanong ea Pwn2Own 2022 e ntseng e etsahala matsatsing ana, ho ile ha bontšoa ts'ebetso e sebetsang e entseng hore ho khonehe ho qoba ho itšehla thajana ha sandbox e bula leqephe le entsoeng ka mokhoa o ikhethileng le ho kenya khoutu tsamaisong. Mongoli oa ts'ebetsong o ile a fuoa moputso oa lidolara tse likete tse 100.
Kotsi ea pele (CVE-2022-1802) e teng ts'ebetsong ea motho ea emetseng 'me e lumella mekhoa ea ntho ea Array hore e senyehe ka ho fetola thepa ea prototype ("prototype pollution"). Kotsi ea bobeli (CVE-2022-1529) e etsa hore ho khonehe ho fetola thepa ea prototype ha o sebetsana le data e sa netefatsoang nakong ea indexing ea lintho tsa JavaScript. Bofokoli bo lumella JavaScript khoutu ho sebelisoa ka mokhoa o khethehileng oa motsoali.
Source: opennet.ru