CVE Daily

CVE-2022-45406

If an out-of-memory condition occurred when creating a JavaScript global, a Java...

Critical CVSS 9.8

Overview

If an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may be deleted while references to it lived on in a BaseShape. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.

CWE: CWE-416 Published: 2022-12-22T20:15:42.197
Risk analysis

This vulnerability is rated 🔴 CRITICAL.

  • CVSS: 9.8 (CRITICAL)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags