Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.
History

Wed, 14 Aug 2024 01:00:00 +0000

Type Values Removed Values Added
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mozilla

Published: 2022-12-22T00:00:00

Updated: 2024-08-03T05:03:32.985Z

Reserved: 2022-03-04T00:00:00

Link: CVE-2022-26485

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-12-22T20:15:22.563

Modified: 2024-11-21T06:54:02.350

Link: CVE-2022-26485

cve-icon Redhat

Severity : Critical

Publid Date: 2022-03-05T00:00:00Z

Links: CVE-2022-26485 - Bugzilla