CVE-2022-22763

Summary

When a worker is shutdown, it was possible to cause script to run late in the lifecycle, at a point after where it should not be possible. This vulnerability affects Firefox < 96, Thunderbird < 91.6, and Firefox ESR < 91.6.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 96affected
MozillaThunderbirdunspecified < 91.6affected
MozillaFirefox ESRunspecified < 91.6affected

Weaknesses

  • Script Execution during invalid object state

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

Additional References

References