How severe is CVE-2022-34480?

CVE-2022-34480 has a CVSS v3 score of 8.8 (HIGH).

CVE-2022-34480

Name: firefox
Author: mozilla

8.8HIGH

Within the <code>lg_init()</code> function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. This vulnerability affects

Опубликовано: 12/22/2022Обновлено: 4/15/2025

Описание

Within the <code>lg_init()</code> function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. This vulnerability affects Firefox < 102.

ИИ-АнализНа базе ИИ

Затронутые продукты

mozillafirefox

Ссылки

https://bugzilla.mozilla.org/show_bug.cgi?id=1454072
Issue TrackingPermissions RequiredVendor Advisory
https://www.mozilla.org/security/advisories/mfsa2022-24/
Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=1454072
Issue TrackingPermissions RequiredVendor Advisory
https://www.mozilla.org/security/advisories/mfsa2022-24/
Vendor Advisory