CVE-2022-46881

High

8.8/10

Summary

An optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 106, Firefox ESR < 102.6, and Thunderbird < 102.6.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: HIGH

References

Advisory Timeline

Published Dec 22, 2022

CVE-2022-46881

Summary

References

Advisory Timeline

ChainAlert

CodeBashing

DustiLock