The vulnerabilities, labeled CVE-2022-26485 and CVE-2022-26486, are both use-after-free (UAF) vulnerabilities that were reported to Mozilla by Chinese Internet security company Qihoo 360. As Kaspersky highlights, these types of vulnerabilities relate to the incorrect use of dynamic memory during a program’s execution.
https://www.techspot.com/news/93680-mozilla-patches-two-actively-exploited-zero-day-vulnerabilities.html?utm_source=dlvr.it&utm_medium=blogger
https://www.techspot.com/news/93680-mozilla-patches-two-actively-exploited-zero-day-vulnerabilities.html?utm_source=dlvr.it&utm_medium=blogger