vulnerability

Amazon Linux AMI 2: CVE-2022-29913: Security patch for firefox, thunderbird (Multiple Advisories)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:N/I:C/A:N)	Dec 22, 2022	Apr 26, 2024	May 20, 2026

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:C/A:N)

Published

Dec 22, 2022

Added

Apr 26, 2024

Modified

May 20, 2026

Description

The parent process would not properly check whether the Speech Synthesis feature is enabled, when receiving instructions from a child process. This vulnerability affects Thunderbird < 91.9.

Solutions

amazon-linux-ami-2-upgrade-firefoxamazon-linux-ami-2-upgrade-firefox-debuginfoamazon-linux-ami-2-upgrade-thunderbirdamazon-linux-ami-2-upgrade-thunderbird-debuginfo

References

AMAZON-AL2/ALAS-2025-2807
AMAZON-AL2/ALAS2FIREFOX-2023-011
AMAZON-AL2/ALASFIREFOX-2023-011
CVE-2022-29913
https://attackerkb.com/topics/CVE-2022-29913
CWE-285
EUVD-EUVD-2022-34223
https://euvd.enisa.europa.eu/vulnerability/EUVD-2022-34223

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report