Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.
Metrics
Affected Vendors & Products
References
History
Wed, 14 Aug 2024 01:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
MITRE
Status: PUBLISHED
Assigner: mozilla
Published: 2022-12-22T00:00:00
Updated: 2024-08-03T05:03:32.985Z
Reserved: 2022-03-04T00:00:00
Link: CVE-2022-26485
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-12-22T20:15:22.563
Modified: 2024-11-21T06:54:02.350
Link: CVE-2022-26485
Redhat