CVE-2022-34476

Summary

ASN.1 parsing of an indefinite SEQUENCE inside an indefinite GROUP could have resulted in the parser accepting malformed ASN.1. This vulnerability affects Firefox < 102.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 102affected

Weaknesses

  • ASN.1 parser could have been tricked into accepting malformed ASN.1

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References