CVE-2022-1529 - log back

CVE-2022-1529 edited at 23 May 2022 10:45:11
Severity
- Unknown
+ Critical
Remote
- Unknown
+ Remote
Type
- Unknown
+ Arbitrary code execution
Description
+ An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype pollution and ultimately attacker-controlled JavaScript executing in the privileged parent process.
References
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1770048
Notes
CVE-2022-1529 created at 23 May 2022 10:43:24