{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-28281", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "dateUpdated": "2024-08-03T05:48:37.901Z", "dateReserved": "2022-03-31T00:00:00", "datePublished": "2022-12-22T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2022-12-22T00:00:00"}, "descriptions": [{"lang": "en", "value": "If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of bounds write would have occurred leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8."}], "affected": [{"vendor": "Mozilla", "product": "Thunderbird", "versions": [{"version": "unspecified", "lessThan": "91.8", "status": "affected", "versionType": "custom"}]}, {"vendor": "Mozilla", "product": "Firefox", "versions": [{"version": "unspecified", "lessThan": "99", "status": "affected", "versionType": "custom"}]}, {"vendor": "Mozilla", "product": "Firefox ESR", "versions": [{"version": "unspecified", "lessThan": "91.8", "status": "affected", "versionType": "custom"}]}], "references": [{"url": "https://www.mozilla.org/security/advisories/mfsa2022-13/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2022-14/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2022-15/"}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1755621"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "Out of bounds write due to unexpected WebAuthN Extensions"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T05:48:37.901Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.mozilla.org/security/advisories/mfsa2022-13/", "tags": ["x_transferred"]}, {"url": "https://www.mozilla.org/security/advisories/mfsa2022-14/", "tags": ["x_transferred"]}, {"url": "https://www.mozilla.org/security/advisories/mfsa2022-15/", "tags": ["x_transferred"]}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1755621", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "A841617D-181C-45FF-868A-33DD504B1BA8", "versionEndExcluding": "99.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "matchCriteriaId": "AB18B69A-EE03-4E15-A9AA-FCF442042761", "versionEndExcluding": "91.8", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "9DCED53B-8838-45E1-A516-90C99C7DF6F9", "versionEndExcluding": "91.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of bounds write would have occurred leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8."}, {"lang": "es", "value": "Si un proceso de contenido comprometido envi\u00f3 una cantidad inesperada de extensiones WebAuthN en un comando de registro al proceso principal, se habr\u00eda producido una escritura fuera de los l\u00edmites que provocar\u00eda da\u00f1os en la memoria y un bloqueo potencialmente explotable. Esta vulnerabilidad afecta a Thunderbird &lt; 91.8, Firefox &lt; 99 y Firefox ESR &lt; 91.8."}], "id": "CVE-2022-28281", "lastModified": "2022-12-30T20:55:42.040", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-12-22T20:15:23.023", "references": [{"source": "security@mozilla.org", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1755621"}, {"source": "security@mozilla.org", "tags": ["Exploit", "Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2022-13/"}, {"source": "security@mozilla.org", "tags": ["Exploit", "Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2022-14/"}, {"source": "security@mozilla.org", "tags": ["Exploit", "Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2022-15/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2022:1284", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "firefox-0:91.8.0-1.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2022-04-08T00:00:00Z"}, {"advisory": "RHSA-2022:1302", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "thunderbird-0:91.8.0-1.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2022-04-11T00:00:00Z"}, {"advisory": "RHSA-2022:1287", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "firefox-0:91.8.0-1.el8_5", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-04-08T00:00:00Z"}, {"advisory": "RHSA-2022:1301", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "thunderbird-0:91.8.0-1.el8_5", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-04-11T00:00:00Z"}, {"advisory": "RHSA-2022:1283", "cpe": "cpe:/a:redhat:rhel_e4s:8.1", "package": "firefox-0:91.8.0-1.el8_1", "product_name": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions", "release_date": "2022-04-08T00:00:00Z"}, {"advisory": "RHSA-2022:1303", "cpe": "cpe:/a:redhat:rhel_e4s:8.1", "package": "thunderbird-0:91.8.0-1.el8_1", "product_name": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions", "release_date": "2022-04-11T00:00:00Z"}, {"advisory": "RHSA-2022:1286", "cpe": "cpe:/a:redhat:rhel_eus:8.2", "package": "firefox-0:91.8.0-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Extended Update Support", "release_date": "2022-04-08T00:00:00Z"}, {"advisory": "RHSA-2022:1326", "cpe": "cpe:/a:redhat:rhel_eus:8.2", "package": "thunderbird-0:91.8.0-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Extended Update Support", "release_date": "2022-04-12T00:00:00Z"}, {"advisory": "RHSA-2022:1285", "cpe": "cpe:/a:redhat:rhel_eus:8.4", "package": "firefox-0:91.8.0-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Extended Update Support", "release_date": "2022-04-08T00:00:00Z"}, {"advisory": "RHSA-2022:1305", "cpe": "cpe:/a:redhat:rhel_eus:8.4", "package": "thunderbird-0:91.8.0-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Extended Update Support", "release_date": "2022-04-11T00:00:00Z"}], "bugzilla": {"description": "Mozilla: Out of bounds write due to unexpected WebAuthN Extensions", "id": "2072560", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072560"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.8", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-787", "details": ["If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of bounds write would have occurred leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.", "The Mozilla Foundation Security Advisory describes this flaw as:\nIf a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of bounds write would have occurred leading to memory corruption and a potentially exploitable crash."], "name": "CVE-2022-28281", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2022-04-05T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-28281\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-28281\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2022-14/#CVE-2022-28281\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2022-15/#CVE-2022-28281"], "statement": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "threat_severity": "Important", "upstream_fix": "thunderbird 91.8, firefox 91.8"}