{"id":"CVE-2022-45418","details":"If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR \u003c 102.5, Thunderbird \u003c 102.5, and Firefox \u003c 107.","modified":"2026-04-16T04:38:33.314365215Z","published":"2022-12-22T20:15:44.780Z","related":["ALSA-2022:8547","ALSA-2022:8554","ALSA-2022:8561","ALSA-2022:8580","SUSE-SU-2022:4058-1","SUSE-SU-2022:4083-1","SUSE-SU-2022:4085-1","SUSE-SU-2022:4247-1","openSUSE-SU-2024:12518-1","openSUSE-SU-2024:12519-1","openSUSE-SU-2024:12532-1","openSUSE-SU-2024:14572-1"],"references":[{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2022-47/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2022-48/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2022-49/"},{"type":"REPORT","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1795815"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"107.0"}]},{"events":[{"introduced":"0"},{"fixed":"102.5"}]},{"events":[{"introduced":"0"},{"fixed":"102.5"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-45418.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}