Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2022-28285

Опубликовано: 22 дек. 2022
Источник: ubuntu
Приоритет: medium
CVSS3: 6.5

Описание

When generating the assembly code for MLoadTypedArrayElementHole, an incorrect AliasSet was used. In conjunction with another vulnerability this could have been used for an out of bounds memory read. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.

РелизСтатусПримечание
bionic

released

99.0+build2-0ubuntu0.18.04.2
devel

released

1:1snap1-0ubuntu1
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

released

99.0+build2-0ubuntu0.20.04.2
impish

released

99.0+build2-0ubuntu0.21.10.2
jammy

released

1:1snap1-0ubuntu1
kinetic

released

1:1snap1-0ubuntu1
lunar

released

1:1snap1-0ubuntu1
mantic

released

1:1snap1-0ubuntu1

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

DNE

esm-apps/bionic

ignored

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

impish

DNE

jammy

DNE

kinetic

DNE

lunar

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

DNE

esm-apps/focal

ignored

esm-infra-legacy/trusty

DNE

esm-infra/bionic

ignored

focal

ignored

impish

DNE

jammy

DNE

kinetic

DNE

lunar

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

ignored

focal

ignored

impish

DNE

jammy

DNE

kinetic

DNE

lunar

DNE

mantic

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-apps/jammy

ignored

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

impish

ignored

end of life
jammy

ignored

kinetic

ignored

end of life, was needs-triage
lunar

ignored

end of life, was needs-triage

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

impish

DNE

jammy

released

91.10.0-0ubuntu1
kinetic

DNE

lunar

DNE

mantic

DNE

Показывать по

РелизСтатусПримечание
bionic

released

1:91.8.1+build1-0ubuntu0.18.04.1
devel

not-affected

1:91.8.0+build2-0ubuntu1
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

released

1:91.8.1+build1-0ubuntu0.20.04.1
impish

released

1:91.8.1+build1-0ubuntu0.21.10.1
jammy

not-affected

1:91.8.0+build2-0ubuntu1
kinetic

not-affected

1:91.8.0+build2-0ubuntu1
lunar

not-affected

1:91.8.0+build2-0ubuntu1
mantic

not-affected

1:91.8.0+build2-0ubuntu1

Показывать по

Ссылки на источники

6.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2022-28285

CVSS3: 6.1
redhat
больше 3 лет назад

When generating the assembly code for <code>MLoadTypedArrayElementHole</code>, an incorrect AliasSet was used. In conjunction with another vulnerability this could have been used for an out of bounds memory read. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.

nvd логотип

CVE-2022-28285

CVSS3: 6.5
nvd
почти 3 года назад

When generating the assembly code for <code>MLoadTypedArrayElementHole</code>, an incorrect AliasSet was used. In conjunction with another vulnerability this could have been used for an out of bounds memory read. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.

debian логотип

CVE-2022-28285

CVSS3: 6.5
debian
почти 3 года назад

When generating the assembly code for <code>MLoadTypedArrayElementHole ...

github логотип

GHSA-fmhg-h49x-72gp

CVSS3: 6.5
github
почти 3 года назад

When generating the assembly code for <code>MLoadTypedArrayElementHole</code>, an incorrect AliasSet was used. In conjunction with another vulnerability this could have been used for an out of bounds memory read. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.

fstec логотип

BDU:2022-02371

CVSS3: 6.1
fstec
больше 3 лет назад

Уязвимость компонента MLoadTypedArrayElementHole веб-браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю раскрыть защищаемую информацию

6.5 Medium

CVSS3

Уязвимость CVE-2022-28285