If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.
CVE-2022-34472
Score 4.3 from GitHub Security Advisory published 2022-12-22. NVD baseline CVSS 4.3; sources differ by 0.0.
- Lower severity and no public exploit yet
A fix is available — apply it.
- CVSS v3
- 4.3
- EG Score
- 4.3(medium)
- EPSS
- 43.6%
- KEV
- Not listed
Published
December 22, 2022
Last Modified
April 15, 2025
References (8)
- security@mozillahttps://bugzilla.mozilla.org/show_bug.cgi?id=1770123
- security@mozillahttps://www.mozilla.org/security/advisories/mfsa2022-24/
- security@mozillahttps://www.mozilla.org/security/advisories/mfsa2022-25/
- security@mozillahttps://www.mozilla.org/security/advisories/mfsa2022-26/
- af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=1770123
- af854a3a-2127-422b-91ae-364da2661108https://www.mozilla.org/security/advisories/mfsa2022-24/
- af854a3a-2127-422b-91ae-364da2661108https://www.mozilla.org/security/advisories/mfsa2022-25/
- af854a3a-2127-422b-91ae-364da2661108https://www.mozilla.org/security/advisories/mfsa2022-26/
Vendor Advisories for CVE-2022-34472(2)
These vendors published their own advisory mentioning this CVE — often with vendor-specific remediation steps + affected product lists not in NVD.
Weakness Classification(1)
MITRE Common Weakness Enumeration — the root-cause categories this CVE belongs to.
Additional Vendor Advisories
(12)
Vendors that published advisories for this CVE beyond the curated set above. Broader coverage but minimal per-row detail — click through for the original advisory.
- Red HatRHSA-2022:5469MODERATE2022-06-28
RHSA-2022:5469 — Moderate
- Red HatRHSA-2022:5470MODERATE2022-06-28
RHSA-2022:5470 — Moderate
- Red HatRHSA-2022:5472MODERATE2022-06-28
RHSA-2022:5472 — Moderate
- Red HatRHSA-2022:5473MODERATE2022-06-28
RHSA-2022:5473 — Moderate
- Red HatRHSA-2022:5474MODERATE2022-06-28
RHSA-2022:5474 — Moderate
- Red HatRHSA-2022:5475MODERATE2022-06-28
RHSA-2022:5475 — Moderate
- Red HatRHSA-2022:5477MODERATE2022-06-28
RHSA-2022:5477 — Moderate
- Red HatRHSA-2022:5478MODERATE2022-06-28
RHSA-2022:5478 — Moderate
- Red HatRHSA-2022:5481MODERATE2022-06-28
RHSA-2022:5481 — Moderate
- Red HatRHSA-2022:5482MODERATE2022-06-28
RHSA-2022:5482 — Moderate
- UbuntuUSN-5504-1MEDIUM
Firefox vulnerabilities
- UbuntuUSN-5512-1MEDIUM
Thunderbird vulnerabilities
Frequently asked(5)
What is CVE-2022-34472?
When was CVE-2022-34472 disclosed?
Is CVE-2022-34472 actively exploited?
What is the CVSS score of CVE-2022-34472?
How do I remediate CVE-2022-34472?
Dependency Blast Radius
Explore the affected products and dependency analysis for CVE-2022-34472
Is Your Infrastructure Affected by CVE-2022-34472?
EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.