CVE-2022-46885 — Vulnetix

CVE-2022-46885 PUBLISHED CVSS 8.800000190734863 HIGH

Mozilla developers Timothy Nikkel, Ashley Hale, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 106.

EPSS 0.37% · 59.2th percentile

Risk Scores

CVSS v3.1

8.800000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

0.37%

59.2th percentile

Affected Products

Vendor	Product	Versions
Mozilla	Firefox	unspecified
mozilla	firefox	0

Timeline

Dec 22, 2022 CVE Published
Dec 23, 2022 EPSS Score
Feb 2, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 16, 2023 EPSS Score
Apr 26, 2023 EPSS Score
Jun 7, 2023 EPSS Score
Jul 18, 2023 EPSS Score
Aug 29, 2023 EPSS Score
Oct 9, 2023 EPSS Score
Nov 20, 2023 EPSS Score
Dec 31, 2023 EPSS Score

References

Memory safety bugs fixed in Firefox 106 url
https://www.mozilla.org/security/advisories/mfsa2022-44/ url
https://nvd.nist.gov/vuln/detail/CVE-2022-46885 advisory
https://www.mozilla.org/security/advisories/mfsa2022-44 url

Open in Interactive Console →