CVE-2022-46882

Publication date 22 December 2022

Last updated 25 August 2025

Ubuntu priority

Medium

Why this priority?

Cvss 3 Severity Score

9.8 · Critical

Score breakdown

Description

A use-after-free in WebGL extensions could have led to a potentially exploitable crash. This vulnerability affects Firefox < 107, Firefox ESR < 102.6, and Thunderbird < 102.6.

Status

Package Ubuntu Release Status
thunderbird 23.04 lunar
Fixed 1:102.7.1+build2-0ubuntu1
22.10 kinetic
Fixed 1:102.7.1+build2-0ubuntu0.22.10.1
22.04 LTS jammy
Fixed 1:102.7.1+build2-0ubuntu0.22.04.1
20.04 LTS focal
Fixed 1:102.7.1+build2-0ubuntu0.20.04.1
18.04 LTS bionic
Fixed 1:102.7.1+build2-0ubuntu0.18.04.1
16.04 LTS xenial Ignored end of standard support
14.04 LTS trusty Ignored end of standard support

Severity score breakdown

CVSS version: CVSS v3.0

Base score 9.8 · Critical

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

Related Ubuntu Security Notices (USN)

    • USN-5824-1
    • Thunderbird vulnerabilities
    • 6 February 2023

Other references

Access our resources on patching vulnerabilities