CVE-2022-42932

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-42932

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-42932.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-42932

Downstream

DEBIAN-CVE-2022-42932

DLA-3156-1

DLA-3170-1

DSA-5259-1

DSA-5262-1

RHSA-2022:7066

RHSA-2022:7068

RHSA-2022:7069

RHSA-2022:7070

RHSA-2022:7071

RHSA-2022:7072

RHSA-2022:7178

RHSA-2022:7181

RHSA-2022:7182

RHSA-2022:7183

RHSA-2022:7184

RHSA-2022:7190

SUSE-SU-2022:3698-1

SUSE-SU-2022:3719-1

SUSE-SU-2022:3726-1

SUSE-SU-2022:4085-1

UBUNTU-CVE-2022-42932

USN-5709-1

USN-5724-1

openSUSE-SU-2024:12425-1

openSUSE-SU-2024:12429-1

openSUSE-SU-2024:12439-1

openSUSE-SU-2024:14572-1

Related

Published

2022-12-22T20:15:41Z

Modified

2025-08-09T20:01:27Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105 and Firefox ESR 102.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 106, Firefox ESR < 102.4, and Thunderbird < 102.4.

References

Affected packages