CVE-2022-31738

Reference Links

• https://bugzilla.mozilla.org/show_bug.cgi?id=1756388
• https://www.mozilla.org/en-US/security/advisories/mfsa2022-20/
• https://www.mozilla.org/en-US/security/advisories/mfsa2022-21/
• https://www.mozilla.org/en-US/security/advisories/mfsa2022-22/
• https://www.mozilla.org/security/advisories/mfsa2022-20/
• https://www.mozilla.org/security/advisories/mfsa2022-21/
• https://www.mozilla.org/security/advisories/mfsa2022-22/

Parent vulnerabilities

(Appears in the following advisories)

• MFSA2022-22
• MFSA2022-20
• MFSA2022-21

Peer vulnerabilities

(Found alongside the following vulnerabilities)

• CVE-2022-31736
• CVE-2022-31737
• CVE-2022-31738
• CVE-2022-31739
• CVE-2022-31740
• CVE-2022-31741
• CVE-2022-1834
• CVE-2022-31742
• CVE-2022-31747
• CVE-2022-31743
• CVE-2022-31744
• CVE-2022-31745
• CVE-2022-1919
• CVE-2022-31748

Frequently Asked Questions

• What is the severity of CVE-2022-31738?

  CVE-2022-31738 is classified as a moderate severity vulnerability.

• How do I fix CVE-2022-31738?

  To mitigate CVE-2022-31738, update to the latest version of Firefox or Thunderbird that resolves this issue.

• Which versions of Firefox are affected by CVE-2022-31738?

  CVE-2022-31738 affects Firefox versions prior to 101 and Firefox ESR versions prior to 91.10.

• Can CVE-2022-31738 lead to user spoofing attacks?

  Yes, CVE-2022-31738 can potentially enable spoofing attacks due to confusion around fullscreen state.

• Is Firefox ESR impacted by CVE-2022-31738?

  Yes, CVE-2022-31738 impacts Firefox ESR versions prior to 91.10.