Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2022-1097

<code>NSSToken</code> objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.

Related bugs and status

CVE-2022-1097 (Candidate) is related to these bugs:

Bug #1970502: New release 91.8

Summary				In	Importance	Status
	1970502	New release 91.8		thunderbird (Ubuntu)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://bugzilla.mozil...
MISC: https://www.mozilla.or...
MISC: https://www.mozilla.or...
MISC: https://www.mozilla.or...