![]() CVE-2022-26485: XSLT parameter processing flaw- removing an XSLT parameter during processing could lead to an exploitable use-after-free situation.The zero-day flaws fixed by Mozilla’s update rollout are: Perpetrators have been known to leverage this vulnerability type to crash programs and execute commands on compromised systems without authorization. Mozilla rolled out updates for Firefox, Focus, Firefox ESR and Firefox for Android to fix two high-severity zero-day vulnerabilities known to be actively exploited in real-life attacks.īoth flaws are Use-After-Free vulnerabilities, a type of bug that occurs when a program attempts to use previously cleared memory.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |