CVE-2022-28285

Severity CVSS v4.0:
Pending analysis
Type:
CWE-125 Out-of-bounds Read
Publication date:
22/12/2022
Last modified:
16/04/2025

Description

When generating the assembly code for MLoadTypedArrayElementHole, an incorrect AliasSet was used. In conjunction with another vulnerability this could have been used for an out of bounds memory read. This vulnerability affects Thunderbird

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* 99.0 (excluding)
cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:* 91.8 (excluding)
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* 91.8 (excluding)