vulnerability
CentOS Linux: CVE-2022-1802: Critical: firefox security update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:C/A:C) | May 24, 2022 | May 25, 2022 | Jan 28, 2025 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
May 24, 2022
Added
May 25, 2022
Modified
Jan 28, 2025
Description
If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1.
Solutions
centos-upgrade-firefoxcentos-upgrade-firefox-debuginfocentos-upgrade-firefox-debugsourcecentos-upgrade-thunderbirdcentos-upgrade-thunderbird-debuginfocentos-upgrade-thunderbird-debugsource
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.