CVE-2022-46884

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-46884

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-46884.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-46884

Downstream

UBUNTU-CVE-2022-46884

Published

2023-08-24T17:15:08.380Z

Modified

2026-03-14T11:57:33.196905Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A potential use-after-free vulnerability existed in SVG Images if the Refresh Driver was destroyed at an inopportune time. This could have lead to memory corruption or a potentially exploitable crash. Note: This advisory was added on December 13th, 2022 after discovering it was inadvertently left out of the original advisory. The fix was included in the original release of Firefox 106. This vulnerability affects Firefox < 106.

References

Affected packages

Git /

Affected ranges

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "fixed": "106.0"
            }
        ]
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-46884.json"