vulnerability

Red Hat: CVE-2022-1097: CVE-2022-1097 Mozilla: Use-after-free in NSSToken objects (Multiple Advisories)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:N/I:N/A:C)	Apr 8, 2022	Apr 11, 2022	Jul 9, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:N/A:C)

Published

Apr 8, 2022

Added

Apr 11, 2022

Modified

Jul 9, 2025

Description

NSSToken objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird

Solution(s)

no-fix-redhat-rpm-packageredhat-upgrade-firefoxredhat-upgrade-firefox-debuginforedhat-upgrade-firefox-debugsourceredhat-upgrade-thunderbirdredhat-upgrade-thunderbird-debuginforedhat-upgrade-thunderbird-debugsource

References

NVD-CVE-2022-1097
REDHAT-RHSA-2022:1284
REDHAT-RHSA-2022:1285
REDHAT-RHSA-2022:1286
REDHAT-RHSA-2022:1287
REDHAT-RHSA-2022:1301
REDHAT-RHSA-2022:1302
REDHAT-RHSA-2022:1305
REDHAT-RHSA-2022:1326

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today