CVE-2022-40960

Published: 2022-12-22T20:15Z

Last Modified: 2025-04-15T15:15Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Concurrent use of the URL parser with non-UTF-8 data was not thread-safe. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt