CVE-2022-34475: 
NixOS vulnerability analysis and mitigation

CVE-2022-34475 is a security vulnerability discovered in Mozilla Firefox's HTML Sanitizer API that was disclosed and fixed in June 2022. The vulnerability allowed SVG tags that referenced a same-origin document to execute scripts if attacker input was sanitized via the HTML Sanitizer API. This vulnerability required the attacker to reference a same-origin JavaScript file containing the script to be executed (Mozilla Advisory).

The vulnerability exists in Firefox's implementation of the HTML Sanitizer API, where SVG 'use' elements could bypass the sanitization process when referencing same-origin documents. The issue was rated with a low severity impact and was assigned CVE-2022-34475. The vulnerability was fixed in Firefox version 102.0, released on June 28, 2022 (Mozilla Advisory, Bugzilla).

The impact of this vulnerability was considered low due to specific preconditions required for exploitation. An attacker could only execute scripts if they had control over a same-origin resource, such as through file upload, and even if this resource was served with a content disposition header, the attack could still work (Bugzilla).

The vulnerability was patched in Firefox version 102.0. The fix involved restricting href attributes in svg:use elements to fragment-only URLs. Users were advised to update their Firefox installations to version 102.0 or later to receive the security fix (Ubuntu Security).

Security researcher Gareth Heyes, who discovered the vulnerability, published a detailed blog post about the issue on PortSwigger's research blog, providing technical analysis and demonstration of the vulnerability (Bugzilla).