First published: Tue Sep 20 2022(Updated: )
A missing check related to tex units could have led to a use-after-free and potentially exploitable crash.
Credit: security@mozilla.org security@mozilla.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mozilla Thunderbird | <102.6 | 102.6 |
Mozilla Firefox ESR | <102.6 | 102.6 |
Mozilla Firefox | <105 | 105 |
Mozilla Firefox | <105.0 | |
Mozilla Firefox ESR | <102.6 | |
Mozilla Thunderbird | <102.6 | |
<105.0 | ||
<102.6 | ||
<102.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
The severity of CVE-2022-46880 is high with a CVSS score of 6.5.
CVE-2022-46880 affects Mozilla Thunderbird, Mozilla Firefox, and Mozilla Firefox ESR.
CVE-2022-46880 could lead to a use-after-free vulnerability, potentially causing a crash and exploitation.
The remedy for CVE-2022-46880 is to update to the fixed versions of Mozilla Thunderbird 102.6, Mozilla Firefox 105, or Mozilla Firefox ESR 102.6.
You can find more information about CVE-2022-46880 in the Mozilla Security Advisory MFSA2022-53 and MFSA2022-40.