Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-86cv-v7jv-38f6

Опубликовано: 14 мая 2022
Источник: github
Github: Не прошло ревью
CVSS3: 9.8

Описание

A use-after-free vulnerability can occur when an editor DOM node is deleted prematurely during tree traversal while still bound to the document. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

A use-after-free vulnerability can occur when an editor DOM node is deleted prematurely during tree traversal while still bound to the document. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

EPSS

Процентиль: 86%
0.03042
Низкий

9.8 Critical

CVSS3

Дефекты

CWE-416

Связанные уязвимости

CVSS3: 9.8
ubuntu
около 7 лет назад

A use-after-free vulnerability can occur when an editor DOM node is deleted prematurely during tree traversal while still bound to the document. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVSS3: 9.8
redhat
почти 8 лет назад

A use-after-free vulnerability can occur when an editor DOM node is deleted prematurely during tree traversal while still bound to the document. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVSS3: 9.8
nvd
около 7 лет назад

A use-after-free vulnerability can occur when an editor DOM node is deleted prematurely during tree traversal while still bound to the document. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVSS3: 9.8
debian
около 7 лет назад

A use-after-free vulnerability can occur when an editor DOM node is de ...

CVSS3: 9.8
fstec
около 8 лет назад

Уязвимость браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная c использованием памяти после освобождения при манипулировании элементами DOM, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 86%
0.03042
Низкий

9.8 Critical

CVSS3

Дефекты

CWE-416