CVE-2022-28285

Advisory lineage Upstream: 0 Downstream: 29

Downstream

DEBIAN-CVE-2022-28285 DLA-2971-1 DLA-2978-1 DSA-5113-1 DSA-5118-1 MGASA-2022-0156

Modified

Published: 22 Dec 2022, 00:00

Last modified:16 Apr 2025, 14:03

Vulnerability Summary

Overall Risk (default)

medium

36/100

CVSS Score

6.5 MEDIUM

v3.1 (cve.org)

EPSS Score

0.24% LOW

0% probability -0.02%

KEV

Not listed

Ransomware

No reports

Public exploits

4 found

Dark Web

Not detected

Timeline

22 Dec 2022, 00:00

Published

Vulnerability first disclosed

16 Apr 2025, 14:03

Last Modified

Vulnerability information updated

Description

When generating the assembly code for <code>MLoadTypedArrayElementHole</code>, an incorrect AliasSet was used. In conjunction with another vulnerability this could have been used for an out of bounds memory read. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.

CVSS Metrics

v3.1•MEDIUM•Score: 6.5CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

EPSS Trends

Current EPSS score: 0.24%• Percentile: 47%

Techniques & Countermeasures

CWE-125•Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.

Affected Systems

mozilla•firefox
≥ unspecified, < 99 | < 99.0
mozilla•firefox_esr
≥ unspecified, < 91.8 | < 91.8
mozilla•thunderbird
≥ unspecified, < 91.8 | < 91.8