CVE-2022-42930: Race Condition
First published: Tue Oct 18 2022(Updated: )
If two Workers were simultaneously initializing their CacheStorage, a data race could have occurred in the `ThirdPartyUtil` component. This vulnerability affects Firefox < 106.
Credit: security@mozilla.org security@mozilla.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mozilla Firefox | <106 | 106 |
| <106 | 106 | |
| Mozilla Firefox | <106.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Peer vulnerabilities
(Found alongside the following vulnerabilities)
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2022-42930.
What is the affected software?
The affected software is Mozilla Firefox version up to exclusive 106.
What is the severity of CVE-2022-42930?
The severity of CVE-2022-42930 is high, with a CVSS score of 7.1.
How can this vulnerability be exploited?
This vulnerability can be exploited if two Workers simultaneously initialize their CacheStorage, leading to a data race in the ThirdPartyUtil component.
Where can I find more information about CVE-2022-42930?
More information about CVE-2022-42930 can be found on the Mozilla bugzilla and security advisories pages.
- agent/author
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/severity
- agent/references
- agent/weakness
- agent/event
- agent/description
- collector/mozilla-advisory
- agent/software-canonical-lookup-request
- source/Mozilla
- agent/software-canonical-lookup
- agent/tags
- collector/nvd-api
- collector/nvd-index
- collector/mitre-cve
- source/MITRE
- vendor/mozilla
- canonical/mozilla firefox