CVE-2022-42928

Summary

Certain types of allocations were missing annotations that, if the Garbage Collector was in a specific state, could have lead to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 106, Firefox ESR < 102.4, and Thunderbird < 102.4.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 106affected
MozillaFirefox ESRunspecified < 102.4affected
MozillaThunderbirdunspecified < 102.4affected

Weaknesses

  • Memory Corruption in JS Engine

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References