Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2022-45407

Опубликовано: 22 дек. 2022
Источник: ubuntu
Приоритет: medium
CVSS3: 7.5

Описание

If an attacker loaded a font using FontFace() on a background worker, a use-after-free could have occurred, leading to a potentially exploitable crash. This vulnerability affects Firefox < 107.

РелизСтатусПримечание
bionic

not-affected

107.0+build2-0ubuntu0.18.04.1
devel

not-affected

esm-infra/focal

DNE

focal

not-affected

jammy

not-affected

kinetic

not-affected

lunar

not-affected

mantic

not-affected

noble

not-affected

trusty

ignored

end of standard support

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
esm-apps/bionic

ignored

esm-infra/focal

DNE

focal

DNE

jammy

DNE

kinetic

DNE

trusty

DNE

upstream

ignored

xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
esm-apps/focal

ignored

esm-infra/bionic

ignored

focal

ignored

jammy

DNE

kinetic

DNE

trusty

DNE

upstream

ignored

xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

esm-infra/focal

ignored

focal

ignored

jammy

DNE

kinetic

DNE

trusty

DNE

upstream

ignored

xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-apps/jammy

ignored

esm-infra/focal

DNE

focal

DNE

jammy

ignored

kinetic

ignored

end of life, was needs-triage
lunar

ignored

end of life, was needs-triage
mantic

DNE

noble

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

kinetic

DNE

trusty

DNE

upstream

ignored

xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needed
devel

not-affected

esm-infra/focal

DNE

focal

not-affected

jammy

not-affected

kinetic

ignored

end of life, was needed
lunar

not-affected

mantic

not-affected

noble

not-affected

trusty

ignored

end of standard support

Показывать по

Ссылки на источники

7.5 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2022-45407

CVSS3: 7.5
nvd
около 3 лет назад

If an attacker loaded a font using <code>FontFace()</code> on a background worker, a use-after-free could have occurred, leading to a potentially exploitable crash. This vulnerability affects Firefox < 107.

debian логотип

CVE-2022-45407

CVSS3: 7.5
debian
около 3 лет назад

If an attacker loaded a font using <code>FontFace()</code> on a backgr ...

github логотип

GHSA-5459-wr9w-wpcp

CVSS3: 7.5
github
около 3 лет назад

If an attacker loaded a font using <code>FontFace()</code> on a background worker, a use-after-free could have occurred, leading to a potentially exploitable crash. This vulnerability affects Firefox < 107.

fstec логотип

BDU:2024-06951

CVSS3: 7.5
fstec
больше 3 лет назад

Уязвимость компонента FontFace веб-браузера Firefox, связанная с использованием памяти после её освобождения, позволяющая нарушителю вызвать отказ в обслуживании

7.5 High

CVSS3