vulnerability

Red Hat: CVE-2022-1097: CVE-2022-1097 Mozilla: Use-after-free in NSSToken objects (Multiple Advisories)

Severity
7
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published
Apr 8, 2022
Added
Apr 11, 2022
Modified
Jul 9, 2025

Description

NSSToken objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird

Solution(s)

no-fix-redhat-rpm-packageredhat-upgrade-firefoxredhat-upgrade-firefox-debuginforedhat-upgrade-firefox-debugsourceredhat-upgrade-thunderbirdredhat-upgrade-thunderbird-debuginforedhat-upgrade-thunderbird-debugsource
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.