Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2022-28288

Опубликовано: 22 дек. 2022
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 8.8

Описание

Mozilla developers and community members Randell Jesup, Sebastian Hengst, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 98. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 99.

РелизСтатусПримечание
bionic

released

99.0+build2-0ubuntu0.18.04.2
devel

released

1:1snap1-0ubuntu1
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

released

99.0+build2-0ubuntu0.20.04.2
impish

released

99.0+build2-0ubuntu0.21.10.2
jammy

released

1:1snap1-0ubuntu1
kinetic

released

1:1snap1-0ubuntu1
lunar

released

1:1snap1-0ubuntu1
mantic

released

1:1snap1-0ubuntu1

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

DNE

esm-apps/bionic

ignored

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

impish

DNE

jammy

DNE

kinetic

DNE

lunar

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

DNE

esm-apps/focal

ignored

esm-infra-legacy/trusty

DNE

esm-infra/bionic

ignored

focal

ignored

impish

DNE

jammy

DNE

kinetic

DNE

lunar

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

ignored

focal

ignored

impish

DNE

jammy

DNE

kinetic

DNE

lunar

DNE

mantic

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-apps/jammy

ignored

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

impish

ignored

end of life
jammy

ignored

kinetic

ignored

end of life, was needs-triage
lunar

ignored

end of life, was needs-triage

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

impish

DNE

jammy

ignored

kinetic

DNE

lunar

DNE

mantic

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 52%
0.00289
Низкий

8.8 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2022-28288

CVSS3: 8.8
nvd
почти 3 года назад

Mozilla developers and community members Randell Jesup, Sebastian Hengst, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 98. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 99.

debian логотип

CVE-2022-28288

CVSS3: 8.8
debian
почти 3 года назад

Mozilla developers and community members Randell Jesup, Sebastian Heng ...

github логотип

GHSA-qm5f-gm4h-wq94

CVSS3: 8.8
github
почти 3 года назад

Mozilla developers and community members Randell Jesup, Sebastian Hengst, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 98. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 99.

fstec логотип

BDU:2022-02132

CVSS3: 7.5
fstec
больше 3 лет назад

Уязвимость браузера Mozilla Firefox, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 52%
0.00289
Низкий

8.8 High

CVSS3