A potential use-after-free vulnerability existed in SVG Images if the Refresh Driver was destroyed at an inopportune time. This could have lead to memory corruption or a potentially exploitable crash.
*Note*: This advisory was added on December 13th, 2022 after discovering it was inadvertently left out of the original advisory. The fix was included in the original release of Firefox 106. This vulnerability affects Firefox < 106.
References
Link | Resource |
---|---|
https://bugzilla.mozilla.org/show_bug.cgi?id=1786818 | Issue Tracking Vendor Advisory |
https://www.mozilla.org/security/advisories/mfsa2022-44/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mozilla
Published: 2023-08-24T16:00:18.964Z
Updated: 2023-08-24T16:00:18.964Z
Reserved: 2022-12-09T16:26:41.585Z
Link: CVE-2022-46884
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-08-24T17:15:08.380
Modified: 2023-08-29T15:56:16.160
Link: CVE-2022-46884
JSON object: View
Redhat Information
No data.
CWE