Описание
Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 97.0.2+build1-0ubuntu0.18.04.1 |
| devel | released | 1:1snap1-0ubuntu1 |
| esm-infra/focal | DNE | |
| focal | released | 97.0.2+build1-0ubuntu0.20.04.1 |
| impish | released | 97.0.2+build1-0ubuntu0.21.10.1 |
| jammy | released | 1:1snap1-0ubuntu1 |
| kinetic | released | 1:1snap1-0ubuntu1 |
| lunar | released | 1:1snap1-0ubuntu1 |
| upstream | released | 97.0.2 |
Показывать по
8.8 High
CVSS3
Связанные уязвимости
Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.
Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.
Removing an XSLT parameter during processing could have lead to an exp ...
Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.
Уязвимость параметра XSLT браузеров Mozilla Firefox и Focus, позволяющая нарушителю выполнить произвольный код
8.8 High
CVSS3