An attacker who compromised a content process could have...
High severity
Unreviewed
Published
Dec 22, 2022
to the GitHub Advisory Database
•
Updated May 12, 2023
Description
Published by the National Vulnerability Database
Dec 22, 2022
Published to the GitHub Advisory Database
Dec 22, 2022
Last updated
May 12, 2023
An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages.
This bug only affects Thunderbird for Linux. Other operating systems are unaffected.. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6.
References