RHSA-2022:1302HighCVSS 8.8
Red Hat Security Advisory: thunderbird security update
🔗 CVE IDs covered (9)
📋 Description
CVE-2022-1097 — Mozilla: Use-after-free in NSSToken objects CVE-2022-1196 — Mozilla: Use-after-free after VR Process destruction CVE-2022-1197 — Mozilla: OpenPGP revocation information was ignored CVE-2022-24713 — Mozilla: Denial of Service via complex regular expressions CVE-2022-28281 — Mozilla: Out of bounds write due to unexpected WebAuthN Extensions CVE-2022-28282 — Mozilla: Use-after-free in DocumentL10n::TranslateDocument CVE-2022-28285 — Mozilla: Incorrect AliasSet used in JIT Codegen CVE-2022-28286 — Mozilla: iframe contents could be rendered outside the border CVE-2022-28289 — Mozilla: Memory safety bugs fixed in Firefox 99 and Firefox ESR 91.8
🔗 References (12)
- selfhttps://access.redhat.com/errata/RHSA-2022:1302
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2072559
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2072560
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2072561
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2072562
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2072563
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2072564
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2072565
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2072566
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2072963
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_1302.json