Lucene search
MozillaCVELIST:CVE-2022-26485HistoryDec 22, 2022 - 12:00 a.m.
CVE-2022-26485
2022-12-2200:00:00
mozilla
www.cve.org
1
Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.
CNA Affected
[
{
"vendor": "Mozilla",
"product": "Firefox",
"versions": [
{
"version": "unspecified",
"lessThan": "97.0.2",
"status": "affected",
"versionType": "custom"
}
]
},
{
"vendor": "Mozilla",
"product": "Firefox ESR",
"versions": [
{
"version": "unspecified",
"lessThan": "91.6.1",
"status": "affected",
"versionType": "custom"
}
]
},
{
"vendor": "Mozilla",
"product": "Firefox for Android",
"versions": [
{
"version": "unspecified",
"lessThan": "97.3.0",
"status": "affected",
"versionType": "custom"
}
]
},
{
"vendor": "Mozilla",
"product": "Thunderbird",
"versions": [
{
"version": "unspecified",
"lessThan": "91.6.2",
"status": "affected",
"versionType": "custom"
}
]
},
{
"vendor": "Mozilla",
"product": "Focus",
"versions": [
{
"version": "unspecified",
"lessThan": "97.3.0",
"status": "affected",
"versionType": "custom"
}
]
}
]Related
prion
prion
Double free
2022-12-22 20:15:00
veracode
veracode
Use After Free
2022-03-06 15:56:54
hivepro
hivepro
Weekly Threat Digest: 28 February β 6 March 2022
2022-03-09 11:09:41
redhatcve
redhatcve
CVE-2022-26485
2022-03-08 13:43:18
ubuntucve
ubuntucve
CVE-2022-26485
2022-03-06 00:00:00
attackerkb
attackerkb
CVE-2022-26485
2022-12-22 00:00:00
cve
cve
CVE-2022-26485
2022-12-22 20:15:22
openvas
openvas
Fedora: Security Advisory for firefox (FEDORA-2022-4f28c7541d)
2022-03-23 00:00:00
Debian: Security Advisory (DLA-2939-1)
2022-03-10 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:0777-1)
2022-03-10 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: firefox-98.0-2.fc35
2022-03-11 14:48:17
debiancve
debiancve
CVE-2022-26485
2022-12-22 20:15:22
alpinelinux
alpinelinux
CVE-2022-26485
2022-12-22 20:15:22
cisa_kev
cisa_kev
Mozilla Firefox Use-After-Free Vulnerability
2022-03-07 00:00:00
nvd
nvd
CVE-2022-26485
2022-12-22 20:15:22
malwarebytes
malwarebytes
Update now! Mozilla patches two actively exploited vulnerabilities
2022-03-07 20:25:18
thn
thn
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 91.6.1-alt1
2022-03-11 00:00:00
Security fix for the ALT Linux 10 package thunderbird version 91.6.2-alt1
2022-03-15 00:00:00
osv
osv
thunderbird - security update
2022-03-09 00:00:00
firefox vulnerabilities
2022-03-06 21:11:47
firefox-esr - security update
2022-03-07 00:00:00
kaspersky
kaspersky
KLA12470 Multiple vulnerabilities in Mozilla Firefox
2022-03-05 00:00:00
KLA12475 Multiple vulnerabilities in Mozilla Thunderbird
2022-03-05 00:00:00
KLA12469 Multiple vulnerabilities in Mozilla Firefox ESR
2022-03-05 00:00:00
nessus
nessus
Mozilla Firefox ESR < 91.6.1
2022-03-07 00:00:00
SUSE SLES15 Security Update : MozillaFirefox (SUSE-SU-2022:0778-1)
2022-03-10 00:00:00
Debian DSA-5090-1 : firefox-esr - security update
2022-03-07 00:00:00
slackware
slackware
[slackware-security] mozilla-firefox
2022-03-05 20:04:04
debian
debian
[SECURITY] [DLA 2939-1] thunderbird security update
2022-03-09 08:36:43
[SECURITY] [DSA 5090-1] firefox-esr security update
2022-03-06 20:43:40
[SECURITY] [DLA 2933-1] firefox-esr security update
2022-03-07 13:04:58
mozilla
mozilla
redos
redos
ROS-20220309-02
2022-03-09 00:00:00
suse
suse
Security update for MozillaThunderbird (important)
2022-03-10 00:00:00
Security update for MozillaFirefox (important)
2022-03-09 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2022-03-06 00:00:00
mageia
mageia
Updated firefox packages fix security vulnerabilities
2022-03-06 13:40:17
Updated thunderbird packages fix security vulnerabilities
2022-03-08 21:56:13
threatpost
threatpost
Critical Firefox Zero-Day Bugs Allow RCE, Sandbox Escape
2022-03-07 16:19:15
redhat
redhat
(RHSA-2022:0816) Critical: firefox security update
2022-03-10 14:34:59
(RHSA-2022:0818) Critical: firefox security update
2022-03-10 14:36:51
(RHSA-2022:0824) Critical: firefox security and bug fix update
2022-03-10 14:42:11
oraclelinux
oraclelinux
firefox security and bug fix update
2022-03-10 00:00:00
firefox security update
2022-03-10 00:00:00
thunderbird security update
2022-03-14 00:00:00
rocky
rocky
firefox security update
2022-03-10 14:36:51
thunderbird security update
2022-03-14 09:49:10
almalinux
almalinux
Critical: firefox security update
2022-03-10 14:36:51
Important: thunderbird security update
2022-03-14 09:49:10
centos
centos
firefox security update
2022-03-29 13:53:09
thunderbird security update
2022-03-29 13:54:14
cisa
cisa
CISA Adds 11 Known Exploited Vulnerabilities to Catalogβ―
2022-03-07 00:00:00
amazon
amazon
Important: thunderbird
2022-04-25 22:56:00
ibm
ibm
gentoo
gentoo
Mozilla Firefox: Multiple Vulnerabilities
2022-08-10 00:00:00
Mozilla Thunderbird: Multiple Vulnerabilities
2022-08-10 00:00:00