image credit: pixabay
With the latest update, Mozilla has patched CVE-2022-34470, a high-severity use-after-free issue in nsSHistory that was triggered when navigating between XML documents, and which could lead to a potentially exploitable crash.
Use-after-free vulnerabilities can be exploited to achieve arbitrary code execution, data corruption, or denial of service, and could lead to full system compromise if combined with other flaws. Malicious websites can exploit these bugs to escape a browser’s sandbox.
Comments are closed.
