CVE-2022-22764

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-22764

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-22764.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-22764

Downstream

DEBIAN-CVE-2022-22764

DLA-2916-1

DLA-2921-1

DSA-5069-1

DSA-5074-1

RHSA-2022:0510

RHSA-2022:0511

RHSA-2022:0512

RHSA-2022:0513

RHSA-2022:0514

RHSA-2022:0535

RHSA-2022:0536

RHSA-2022:0537

RHSA-2022:0538

RHSA-2022:0539

SUSE-SU-2022:0559-1

SUSE-SU-2022:0565-1

SUSE-SU-2022:0676-1

SUSE-SU-2022:0696-1

SUSE-SU-2022:14896-1

UBUNTU-CVE-2022-22764

USN-5284-1

USN-5345-1

openSUSE-SU-2022:0559-1

openSUSE-SU-2024:11837-1

openSUSE-SU-2024:11842-1

openSUSE-SU-2024:14572-1

Related

Published

2022-12-22T20:15:20Z

Modified

2025-08-09T20:01:26Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Mozilla developers Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96 and Firefox ESR 91.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.

References

Affected packages