How severe is CVE-2022-34480?

CVE-2022-34480 has a CVSS v3 score of 8.8 (HIGH).

CVE-2022-34480

Name: firefox
Author: mozilla

8.8HIGH

Within the <code>lg_init()</code> function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. This vulnerability affects

公開日: 12/22/2022更新日: 4/15/2025

説明

Within the <code>lg_init()</code> function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. This vulnerability affects Firefox < 102.

AI分析AIによる分析

影響を受ける製品

mozillafirefox

参照

https://bugzilla.mozilla.org/show_bug.cgi?id=1454072
Issue TrackingPermissions RequiredVendor Advisory
https://www.mozilla.org/security/advisories/mfsa2022-24/
Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=1454072
Issue TrackingPermissions RequiredVendor Advisory
https://www.mozilla.org/security/advisories/mfsa2022-24/
Vendor Advisory