Main Vulnerability Database Vulnerabilities #VU63882

Reachable Assertion in Mozilla Firefox - CVE-2022-31745

Published: May 31, 2022

Vulnerability identifier: #VU63882

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2022-31745

CWE-ID: CWE-617

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Mozilla

Affected software:
Mozilla Firefox

Detailed vulnerability description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect assertion when array shift operations are not used. The Garbage Collector can become confused about valid objects. This can lead to application crash.

How to mitigate CVE-2022-31745

Install updates from vendor's website.

Sources

https://www.mozilla.org/en-US/security/advisories/mfsa2022-20/

Reachable Assertion in Mozilla Firefox - CVE-2022-31745

Detailed vulnerability description

How to mitigate CVE-2022-31745

Sources

Please verify you're human