CVE-2022-22747 Information

Description

After accepting an untrusted certificate handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is believed to be unexploitable. This vulnerability affects Firefox ESR < 91.5 Firefox < 96 and Thunderbird < 91.5.

Reference

https://www.mozilla.org/security/advisories/mfsa2022-02/ https://www.mozilla.org/security/advisories/mfsa2022-01/ https://bugzilla.mozilla.org/show_bug.cgi?id=1735028 https://www.mozilla.org/security/advisories/mfsa2022-03/