vulnerability
Red Hat: CVE-2022-1097: CVE-2022-1097 Mozilla: Use-after-free in NSSToken objects (Multiple Advisories)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
7 | (AV:N/AC:M/Au:N/C:N/I:N/A:C) | Apr 8, 2022 | Apr 11, 2022 | Jul 9, 2025 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published
Apr 8, 2022
Added
Apr 11, 2022
Modified
Jul 9, 2025
Description
NSSToken
objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird
Solution(s)
no-fix-redhat-rpm-packageredhat-upgrade-firefoxredhat-upgrade-firefox-debuginforedhat-upgrade-firefox-debugsourceredhat-upgrade-thunderbirdredhat-upgrade-thunderbird-debuginforedhat-upgrade-thunderbird-debugsource

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.