CVE Vulnerabilities

CVE-2022-34472

Published: Dec 22, 2022 | Modified: Nov 21, 2024
CVSS 3.x
4.3
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
6.1 MODERATE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Ubuntu
MEDIUM

If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.

Affected Software

Name Vendor Start Version End Version
Firefox Mozilla * 102.0 (excluding)
Firefox_esr Mozilla * 91.11 (excluding)
Thunderbird Mozilla * 91.11 (excluding)
Red Hat Enterprise Linux 7 RedHat firefox-0:91.11.0-2.el7_9 *
Red Hat Enterprise Linux 7 RedHat thunderbird-0:91.11.0-2.el7_9 *
Red Hat Enterprise Linux 8 RedHat firefox-0:91.11.0-2.el8_6 *
Red Hat Enterprise Linux 8 RedHat thunderbird-0:91.11.0-2.el8_6 *
Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions RedHat firefox-0:91.11.0-2.el8_1 *
Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions RedHat thunderbird-0:91.11.0-2.el8_1 *
Red Hat Enterprise Linux 8.2 Extended Update Support RedHat firefox-0:91.11.0-2.el8_2 *
Red Hat Enterprise Linux 8.2 Extended Update Support RedHat thunderbird-0:91.11.0-2.el8_2 *
Red Hat Enterprise Linux 8.4 Extended Update Support RedHat firefox-0:91.11.0-2.el8_4 *
Red Hat Enterprise Linux 8.4 Extended Update Support RedHat thunderbird-0:91.11.0-2.el8_4 *
Red Hat Enterprise Linux 9 RedHat firefox-0:91.11.0-2.el9_0 *
Red Hat Enterprise Linux 9 RedHat thunderbird-0:91.11.0-2.el9_0 *
Firefox Ubuntu bionic *
Firefox Ubuntu focal *
Firefox Ubuntu impish *
Firefox Ubuntu upstream *
Thunderbird Ubuntu bionic *
Thunderbird Ubuntu devel *
Thunderbird Ubuntu focal *
Thunderbird Ubuntu impish *
Thunderbird Ubuntu jammy *
Thunderbird Ubuntu kinetic *
Thunderbird Ubuntu lunar *
Thunderbird Ubuntu trusty *
Thunderbird Ubuntu upstream *
Thunderbird Ubuntu xenial *

References