Vulnerabilities > CVE-2022-46872 - Unspecified vulnerability in Mozilla Firefox

047910
CVSS 8.6 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
mozilla
NVD
Published: 2022-12-22
Updated: 2023-05-03

Summary

An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages.<br>*This bug only affects Thunderbird for Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6.

Vulnerable Configurations

Part Description Count
Application
Mozilla
1208
OS
Linux
1

References