Package Instance

reference_id

AVG-2728

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2729

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-19

reference_url

reference_id

mfsa2022-19

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-19

reference_url	https://access.redhat.com/errata/RHSA-2022:4729
reference_id	RHSA-2022:4729
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4729

reference_url	https://access.redhat.com/errata/RHSA-2022:4730
reference_id	RHSA-2022:4730
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4730

reference_url	https://access.redhat.com/errata/RHSA-2022:4765
reference_id	RHSA-2022:4765
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4765

reference_url	https://access.redhat.com/errata/RHSA-2022:4766
reference_id	RHSA-2022:4766
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4766

reference_url	https://access.redhat.com/errata/RHSA-2022:4767
reference_id	RHSA-2022:4767
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4767

reference_url	https://access.redhat.com/errata/RHSA-2022:4768
reference_id	RHSA-2022:4768
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4768

reference_url	https://access.redhat.com/errata/RHSA-2022:4769
reference_id	RHSA-2022:4769
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4769

reference_url	https://access.redhat.com/errata/RHSA-2022:4770
reference_id	RHSA-2022:4770
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4770

reference_url	https://access.redhat.com/errata/RHSA-2022:4772
reference_id	RHSA-2022:4772
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4772

reference_url	https://access.redhat.com/errata/RHSA-2022:4773
reference_id	RHSA-2022:4773
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4773

reference_url	https://access.redhat.com/errata/RHSA-2022:4774
reference_id	RHSA-2022:4774
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4774

reference_url	https://access.redhat.com/errata/RHSA-2022:4776
reference_id	RHSA-2022:4776
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4776

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-1529

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-25bh-n5g8-w7fz

url VCID-2vbu-m5sv-kkbb

vulnerability_id VCID-2vbu-m5sv-kkbb

summary The MediaError message property should be consistent to avoid leaking information about cross-origin resources; however for a same-site cross-origin resource, the message could have leaked information enabling XS-Leaks attacks.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-34477

reference_id

reference_type

scores

value	0.00257
scoring_system	epss
scoring_elements	0.49258
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-34477

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_id

mfsa2022-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-34477

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2vbu-m5sv-kkbb

url VCID-38br-a5x4-ska5

vulnerability_id VCID-38br-a5x4-ska5

summary Firefox behaved slightly differently for already known resources when loading CSS resources involving CSS variables. This could have been used to probe the browser history.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29916.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29916.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-29916

reference_id

reference_type

scores

value	0.00244
scoring_system	epss
scoring_elements	0.47897
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-29916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2081470
reference_id	2081470
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2081470

reference_url

reference_id

AVG-2709

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2710

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

reference_url

reference_id

mfsa2022-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-17

reference_id

mfsa2022-17

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-17

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-18

reference_id

mfsa2022-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-18

reference_url	https://access.redhat.com/errata/RHSA-2022:1701
reference_id	RHSA-2022:1701
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1701

reference_url	https://access.redhat.com/errata/RHSA-2022:1702
reference_id	RHSA-2022:1702
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1702

reference_url	https://access.redhat.com/errata/RHSA-2022:1703
reference_id	RHSA-2022:1703
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1703

reference_url	https://access.redhat.com/errata/RHSA-2022:1704
reference_id	RHSA-2022:1704
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1704

reference_url	https://access.redhat.com/errata/RHSA-2022:1705
reference_id	RHSA-2022:1705
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1705

reference_url	https://access.redhat.com/errata/RHSA-2022:1724
reference_id	RHSA-2022:1724
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1724

reference_url	https://access.redhat.com/errata/RHSA-2022:1725
reference_id	RHSA-2022:1725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1725

reference_url	https://access.redhat.com/errata/RHSA-2022:1726
reference_id	RHSA-2022:1726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1726

reference_url	https://access.redhat.com/errata/RHSA-2022:1727
reference_id	RHSA-2022:1727
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1727

reference_url	https://access.redhat.com/errata/RHSA-2022:1730
reference_id	RHSA-2022:1730
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1730

reference_url	https://access.redhat.com/errata/RHSA-2022:4589
reference_id	RHSA-2022:4589
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4589

reference_url	https://access.redhat.com/errata/RHSA-2022:4590
reference_id	RHSA-2022:4590
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4590

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-29916

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-38br-a5x4-ska5

url VCID-3d8k-ah6f-nyft

vulnerability_id VCID-3d8k-ah6f-nyft

summary Mozilla developers Bryce Seager van Dyk and the Mozilla Fuzzing Team reported potential vulnerabilities present in Firefox 101. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-34485

reference_id

reference_type

scores

value	0.00607
scoring_system	epss
scoring_elements	0.70057
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-34485

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_id

mfsa2022-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-34485

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3d8k-ah6f-nyft

url VCID-3qt5-w1we-67hp

vulnerability_id VCID-3qt5-w1we-67hp

summary When generating the assembly code for MLoadTypedArrayElementHole, an incorrect AliasSet was used. In conjunction with another vulnerability this could have been used for an out of bounds memory read.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28285.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28285.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-28285

reference_id

reference_type

scores

value	0.00239
scoring_system	epss
scoring_elements	0.4717
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-28285

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2072563
reference_id	2072563
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2072563

reference_url

reference_id

AVG-2711

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2712

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-13

reference_url

reference_id

mfsa2022-13

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-14

reference_id

mfsa2022-14

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-15

reference_id

mfsa2022-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-15

reference_url	https://access.redhat.com/errata/RHSA-2022:1283
reference_id	RHSA-2022:1283
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1283

reference_url	https://access.redhat.com/errata/RHSA-2022:1284
reference_id	RHSA-2022:1284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1284

reference_url	https://access.redhat.com/errata/RHSA-2022:1285
reference_id	RHSA-2022:1285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1285

reference_url	https://access.redhat.com/errata/RHSA-2022:1286
reference_id	RHSA-2022:1286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1286

reference_url	https://access.redhat.com/errata/RHSA-2022:1287
reference_id	RHSA-2022:1287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1287

reference_url	https://access.redhat.com/errata/RHSA-2022:1301
reference_id	RHSA-2022:1301
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1301

reference_url	https://access.redhat.com/errata/RHSA-2022:1302
reference_id	RHSA-2022:1302
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1302

reference_url	https://access.redhat.com/errata/RHSA-2022:1303
reference_id	RHSA-2022:1303
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1303

reference_url	https://access.redhat.com/errata/RHSA-2022:1305
reference_id	RHSA-2022:1305
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1305

reference_url	https://access.redhat.com/errata/RHSA-2022:1326
reference_id	RHSA-2022:1326
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1326

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-28285

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3qt5-w1we-67hp

url VCID-3vss-46pp-p7c8

vulnerability_id VCID-3vss-46pp-p7c8

summary Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2505.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2505.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-2505

reference_id

reference_type

scores

value	0.0026
scoring_system	epss
scoring_elements	0.49513
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-2505

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2111910
reference_id	2111910
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2111910

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-28

reference_id

mfsa2022-28

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-28

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-30

reference_id

mfsa2022-30

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-30

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-32

reference_id

mfsa2022-32

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-32

reference_url	https://access.redhat.com/errata/RHSA-2022:5765
reference_id	RHSA-2022:5765
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5765

reference_url	https://access.redhat.com/errata/RHSA-2022:5766
reference_id	RHSA-2022:5766
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5766

reference_url	https://access.redhat.com/errata/RHSA-2022:5767
reference_id	RHSA-2022:5767
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5767

reference_url	https://access.redhat.com/errata/RHSA-2022:5769
reference_id	RHSA-2022:5769
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5769

reference_url	https://access.redhat.com/errata/RHSA-2022:5770
reference_id	RHSA-2022:5770
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5770

reference_url	https://access.redhat.com/errata/RHSA-2022:5771
reference_id	RHSA-2022:5771
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5771

reference_url	https://access.redhat.com/errata/RHSA-2022:5772
reference_id	RHSA-2022:5772
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5772

reference_url	https://access.redhat.com/errata/RHSA-2022:5773
reference_id	RHSA-2022:5773
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5773

reference_url	https://access.redhat.com/errata/RHSA-2022:5774
reference_id	RHSA-2022:5774
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5774

reference_url	https://access.redhat.com/errata/RHSA-2022:5776
reference_id	RHSA-2022:5776
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5776

reference_url	https://access.redhat.com/errata/RHSA-2022:5777
reference_id	RHSA-2022:5777
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5777

reference_url	https://access.redhat.com/errata/RHSA-2022:5778
reference_id	RHSA-2022:5778
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5778

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-2505

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3vss-46pp-p7c8

url VCID-3xnh-sesb-bfbv

vulnerability_id VCID-3xnh-sesb-bfbv

summary If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34472.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34472.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-34472

reference_id

reference_type

scores

value	0.00457
scoring_system	epss
scoring_elements	0.64246
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-34472

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2102166
reference_id	2102166
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2102166

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_id

mfsa2022-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_id

mfsa2022-25

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_id

mfsa2022-26

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_url	https://access.redhat.com/errata/RHSA-2022:5469
reference_id	RHSA-2022:5469
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5469

reference_url	https://access.redhat.com/errata/RHSA-2022:5470
reference_id	RHSA-2022:5470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5470

reference_url	https://access.redhat.com/errata/RHSA-2022:5472
reference_id	RHSA-2022:5472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5472

reference_url	https://access.redhat.com/errata/RHSA-2022:5473
reference_id	RHSA-2022:5473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5473

reference_url	https://access.redhat.com/errata/RHSA-2022:5474
reference_id	RHSA-2022:5474
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5474

reference_url	https://access.redhat.com/errata/RHSA-2022:5475
reference_id	RHSA-2022:5475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5475

reference_url	https://access.redhat.com/errata/RHSA-2022:5477
reference_id	RHSA-2022:5477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5477

reference_url	https://access.redhat.com/errata/RHSA-2022:5478
reference_id	RHSA-2022:5478
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5478

reference_url	https://access.redhat.com/errata/RHSA-2022:5479
reference_id	RHSA-2022:5479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5479

reference_url	https://access.redhat.com/errata/RHSA-2022:5480
reference_id	RHSA-2022:5480
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5480

reference_url	https://access.redhat.com/errata/RHSA-2022:5481
reference_id	RHSA-2022:5481
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5481

reference_url	https://access.redhat.com/errata/RHSA-2022:5482
reference_id	RHSA-2022:5482
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5482

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-34472

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3xnh-sesb-bfbv

url VCID-4dx9-1499-gqcz

vulnerability_id VCID-4dx9-1499-gqcz

summary Previously Thunderbird for macOS and Linux would download temporary files to a user-specific directory in /tmp, but this behavior was changed to download them to /tmp where they could be affected by other local users. This behavior was reverted to the original, user-specific directory. *This bug only affects Thunderbird for macOS and Linux. Other operating systems are unaffected.*

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26386.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26386.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-26386

reference_id

reference_type

scores

value	0.00363
scoring_system	epss
scoring_elements	0.58644
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-26386

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2062224
reference_id	2062224
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2062224

reference_url

reference_id

AVG-2713

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-11

reference_url

reference_id

mfsa2022-11

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-11

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-12

reference_id

mfsa2022-12

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-12

reference_url	https://access.redhat.com/errata/RHSA-2022:0815
reference_id	RHSA-2022:0815
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0815

reference_url	https://access.redhat.com/errata/RHSA-2022:0816
reference_id	RHSA-2022:0816
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0816

reference_url	https://access.redhat.com/errata/RHSA-2022:0817
reference_id	RHSA-2022:0817
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0817

reference_url	https://access.redhat.com/errata/RHSA-2022:0818
reference_id	RHSA-2022:0818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0818

reference_url	https://access.redhat.com/errata/RHSA-2022:0824
reference_id	RHSA-2022:0824
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0824

reference_url	https://access.redhat.com/errata/RHSA-2022:0843
reference_id	RHSA-2022:0843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0843

reference_url	https://access.redhat.com/errata/RHSA-2022:0845
reference_id	RHSA-2022:0845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0845

reference_url	https://access.redhat.com/errata/RHSA-2022:0847
reference_id	RHSA-2022:0847
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0847

reference_url	https://access.redhat.com/errata/RHSA-2022:0850
reference_id	RHSA-2022:0850
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0850

reference_url	https://access.redhat.com/errata/RHSA-2022:0853
reference_id	RHSA-2022:0853
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0853

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-26386

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4dx9-1499-gqcz

url VCID-4kd4-g5ht-sygp

vulnerability_id VCID-4kd4-g5ht-sygp

summary An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from CVE-2022-34483.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-34482

reference_id

reference_type

scores

value	0.0048
scoring_system	epss
scoring_elements	0.65414
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-34482

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_id

mfsa2022-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-34482

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4kd4-g5ht-sygp

url VCID-4xhj-hee5-9qes

vulnerability_id VCID-4xhj-hee5-9qes

summary An improper implementation of the new iframe sandbox keyword allow-top-navigation-by-user-activation could lead to script execution without allow-scripts being present.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29911.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29911.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-29911

reference_id

reference_type

scores

value	0.00317
scoring_system	epss
scoring_elements	0.55046
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-29911

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2081471
reference_id	2081471
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2081471

reference_url

reference_id

AVG-2709

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2710

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

reference_url

reference_id

mfsa2022-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-17

reference_id

mfsa2022-17

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-17

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-18

reference_id

mfsa2022-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-18

reference_url	https://access.redhat.com/errata/RHSA-2022:1701
reference_id	RHSA-2022:1701
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1701

reference_url	https://access.redhat.com/errata/RHSA-2022:1702
reference_id	RHSA-2022:1702
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1702

reference_url	https://access.redhat.com/errata/RHSA-2022:1703
reference_id	RHSA-2022:1703
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1703

reference_url	https://access.redhat.com/errata/RHSA-2022:1704
reference_id	RHSA-2022:1704
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1704

reference_url	https://access.redhat.com/errata/RHSA-2022:1705
reference_id	RHSA-2022:1705
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1705

reference_url	https://access.redhat.com/errata/RHSA-2022:1724
reference_id	RHSA-2022:1724
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1724

reference_url	https://access.redhat.com/errata/RHSA-2022:1725
reference_id	RHSA-2022:1725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1725

reference_url	https://access.redhat.com/errata/RHSA-2022:1726
reference_id	RHSA-2022:1726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1726

reference_url	https://access.redhat.com/errata/RHSA-2022:1727
reference_id	RHSA-2022:1727
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1727

reference_url	https://access.redhat.com/errata/RHSA-2022:1730
reference_id	RHSA-2022:1730
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1730

reference_url	https://access.redhat.com/errata/RHSA-2022:4589
reference_id	RHSA-2022:4589
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4589

reference_url	https://access.redhat.com/errata/RHSA-2022:4590
reference_id	RHSA-2022:4590
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4590

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-29911

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4xhj-hee5-9qes

url VCID-6yc1-jutk-1fcz

vulnerability_id VCID-6yc1-jutk-1fcz

summary Session history navigations may have led to a use-after-free and potentially exploitable crash.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34470.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34470.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-34470

reference_id

reference_type

scores

value	0.00645
scoring_system	epss
scoring_elements	0.71076
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-34470

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2102162
reference_id	2102162
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2102162

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_id

mfsa2022-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_id

mfsa2022-25

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_id

mfsa2022-26

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_url	https://access.redhat.com/errata/RHSA-2022:5469
reference_id	RHSA-2022:5469
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5469

reference_url	https://access.redhat.com/errata/RHSA-2022:5470
reference_id	RHSA-2022:5470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5470

reference_url	https://access.redhat.com/errata/RHSA-2022:5472
reference_id	RHSA-2022:5472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5472

reference_url	https://access.redhat.com/errata/RHSA-2022:5473
reference_id	RHSA-2022:5473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5473

reference_url	https://access.redhat.com/errata/RHSA-2022:5474
reference_id	RHSA-2022:5474
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5474

reference_url	https://access.redhat.com/errata/RHSA-2022:5475
reference_id	RHSA-2022:5475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5475

reference_url	https://access.redhat.com/errata/RHSA-2022:5477
reference_id	RHSA-2022:5477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5477

reference_url	https://access.redhat.com/errata/RHSA-2022:5478
reference_id	RHSA-2022:5478
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5478

reference_url	https://access.redhat.com/errata/RHSA-2022:5479
reference_id	RHSA-2022:5479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5479

reference_url	https://access.redhat.com/errata/RHSA-2022:5480
reference_id	RHSA-2022:5480
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5480

reference_url	https://access.redhat.com/errata/RHSA-2022:5481
reference_id	RHSA-2022:5481
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5481

reference_url	https://access.redhat.com/errata/RHSA-2022:5482
reference_id	RHSA-2022:5482
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5482

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-34470

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6yc1-jutk-1fcz

url VCID-7juy-9d9m-q3ak

vulnerability_id VCID-7juy-9d9m-q3ak

summary Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100 and Firefox ESR 91.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31747.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31747.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-31747

reference_id

reference_type

scores

value	0.00657
scoring_system	epss
scoring_elements	0.71419
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-31747

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2092026
reference_id	2092026
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2092026

reference_url

reference_id

AVG-2760

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2761

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-20

reference_url

reference_id

mfsa2022-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-20

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-21

reference_id

mfsa2022-21

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-21

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-22

reference_id

mfsa2022-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-22

reference_url	https://access.redhat.com/errata/RHSA-2022:4870
reference_id	RHSA-2022:4870
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4870

reference_url	https://access.redhat.com/errata/RHSA-2022:4871
reference_id	RHSA-2022:4871
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4871

reference_url	https://access.redhat.com/errata/RHSA-2022:4872
reference_id	RHSA-2022:4872
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4872

reference_url	https://access.redhat.com/errata/RHSA-2022:4873
reference_id	RHSA-2022:4873
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4873

reference_url	https://access.redhat.com/errata/RHSA-2022:4875
reference_id	RHSA-2022:4875
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4875

reference_url	https://access.redhat.com/errata/RHSA-2022:4876
reference_id	RHSA-2022:4876
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4876

reference_url	https://access.redhat.com/errata/RHSA-2022:4887
reference_id	RHSA-2022:4887
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4887

reference_url	https://access.redhat.com/errata/RHSA-2022:4888
reference_id	RHSA-2022:4888
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4888

reference_url	https://access.redhat.com/errata/RHSA-2022:4889
reference_id	RHSA-2022:4889
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4889

reference_url	https://access.redhat.com/errata/RHSA-2022:4890
reference_id	RHSA-2022:4890
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4890

reference_url	https://access.redhat.com/errata/RHSA-2022:4891
reference_id	RHSA-2022:4891
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4891

reference_url	https://access.redhat.com/errata/RHSA-2022:4892
reference_id	RHSA-2022:4892
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4892

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-31747

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7juy-9d9m-q3ak

url VCID-84eg-x618-8fh1

vulnerability_id VCID-84eg-x618-8fh1

summary Mozilla developers Kershaw Chang, Ryan VanderMeulen, and Randell Jesup reported memory safety bugs present in Firefox 97. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-0843

reference_id

reference_type

scores

value	0.00328
scoring_system	epss
scoring_elements	0.56067
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-0843

reference_url

reference_id

AVG-2714

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-10

reference_url

reference_id

mfsa2022-10

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-10

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-0843

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-84eg-x618-8fh1

url VCID-8mx3-68nj-wkhc

vulnerability_id VCID-8mx3-68nj-wkhc

summary Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26485.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26485.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-26485

reference_id

reference_type

scores

value	0.02853
scoring_system	epss
scoring_elements	0.86503
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-26485

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26485
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26485

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26486
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26486

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2061736
reference_id	2061736
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2061736

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-09

reference_id

mfsa2022-09

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-09

reference_url	https://access.redhat.com/errata/RHSA-2022:0815
reference_id	RHSA-2022:0815
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0815

reference_url	https://access.redhat.com/errata/RHSA-2022:0816
reference_id	RHSA-2022:0816
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0816

reference_url	https://access.redhat.com/errata/RHSA-2022:0817
reference_id	RHSA-2022:0817
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0817

reference_url	https://access.redhat.com/errata/RHSA-2022:0818
reference_id	RHSA-2022:0818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0818

reference_url	https://access.redhat.com/errata/RHSA-2022:0824
reference_id	RHSA-2022:0824
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0824

reference_url	https://access.redhat.com/errata/RHSA-2022:0843
reference_id	RHSA-2022:0843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0843

reference_url	https://access.redhat.com/errata/RHSA-2022:0845
reference_id	RHSA-2022:0845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0845

reference_url	https://access.redhat.com/errata/RHSA-2022:0847
reference_id	RHSA-2022:0847
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0847

reference_url	https://access.redhat.com/errata/RHSA-2022:0850
reference_id	RHSA-2022:0850
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0850

reference_url	https://access.redhat.com/errata/RHSA-2022:0853
reference_id	RHSA-2022:0853
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0853

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-26485

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8mx3-68nj-wkhc

url VCID-8mym-k9vn-kkcz

vulnerability_id VCID-8mym-k9vn-kkcz

summary In unusual circumstances, selecting text could cause text selection caching to behave incorrectly, leading to a crash.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-28287

reference_id

reference_type

scores

value	0.00235
scoring_system	epss
scoring_elements	0.46585
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-28287

reference_url

reference_id

AVG-2711

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-13

reference_url

reference_id

mfsa2022-13

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-13

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-28287

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8mym-k9vn-kkcz

url VCID-8pg7-szzq-mqc6

vulnerability_id VCID-8pg7-szzq-mqc6

summary A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31741.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31741.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-31741

reference_id

reference_type

scores

value	0.0031
scoring_system	epss
scoring_elements	0.54441
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-31741

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2092024
reference_id	2092024
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2092024

reference_url

reference_id

AVG-2760

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2761

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-20

reference_url

reference_id

mfsa2022-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-20

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-21

reference_id

mfsa2022-21

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-21

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-22

reference_id

mfsa2022-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-22

reference_url	https://access.redhat.com/errata/RHSA-2022:4870
reference_id	RHSA-2022:4870
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4870

reference_url	https://access.redhat.com/errata/RHSA-2022:4871
reference_id	RHSA-2022:4871
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4871

reference_url	https://access.redhat.com/errata/RHSA-2022:4872
reference_id	RHSA-2022:4872
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4872

reference_url	https://access.redhat.com/errata/RHSA-2022:4873
reference_id	RHSA-2022:4873
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4873

reference_url	https://access.redhat.com/errata/RHSA-2022:4875
reference_id	RHSA-2022:4875
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4875

reference_url	https://access.redhat.com/errata/RHSA-2022:4876
reference_id	RHSA-2022:4876
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4876

reference_url	https://access.redhat.com/errata/RHSA-2022:4887
reference_id	RHSA-2022:4887
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4887

reference_url	https://access.redhat.com/errata/RHSA-2022:4888
reference_id	RHSA-2022:4888
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4888

reference_url	https://access.redhat.com/errata/RHSA-2022:4889
reference_id	RHSA-2022:4889
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4889

reference_url	https://access.redhat.com/errata/RHSA-2022:4890
reference_id	RHSA-2022:4890
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4890

reference_url	https://access.redhat.com/errata/RHSA-2022:4891
reference_id	RHSA-2022:4891
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4891

reference_url	https://access.redhat.com/errata/RHSA-2022:4892
reference_id	RHSA-2022:4892
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4892

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-31741

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8pg7-szzq-mqc6

url VCID-8sqq-nnpq-pkc2

vulnerability_id VCID-8sqq-nnpq-pkc2

summary After a VR Process is destroyed, a reference to it may have been retained and used, leading to a use-after-free and potentially exploitable crash.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1196.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1196.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-1196

reference_id

reference_type

scores

value	0.00508
scoring_system	epss
scoring_elements	0.66678
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-1196

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2072561
reference_id	2072561
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2072561

reference_url

reference_id

AVG-2712

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-14

reference_url

reference_id

mfsa2022-14

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-15

reference_id

mfsa2022-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-15

reference_url	https://access.redhat.com/errata/RHSA-2022:1283
reference_id	RHSA-2022:1283
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1283

reference_url	https://access.redhat.com/errata/RHSA-2022:1284
reference_id	RHSA-2022:1284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1284

reference_url	https://access.redhat.com/errata/RHSA-2022:1285
reference_id	RHSA-2022:1285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1285

reference_url	https://access.redhat.com/errata/RHSA-2022:1286
reference_id	RHSA-2022:1286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1286

reference_url	https://access.redhat.com/errata/RHSA-2022:1287
reference_id	RHSA-2022:1287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1287

reference_url	https://access.redhat.com/errata/RHSA-2022:1301
reference_id	RHSA-2022:1301
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1301

reference_url	https://access.redhat.com/errata/RHSA-2022:1302
reference_id	RHSA-2022:1302
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1302

reference_url	https://access.redhat.com/errata/RHSA-2022:1303
reference_id	RHSA-2022:1303
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1303

reference_url	https://access.redhat.com/errata/RHSA-2022:1305
reference_id	RHSA-2022:1305
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1305

reference_url	https://access.redhat.com/errata/RHSA-2022:1326
reference_id	RHSA-2022:1326
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1326

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-1196

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8sqq-nnpq-pkc2

url VCID-8th2-q8wd-tyec

vulnerability_id VCID-8th2-q8wd-tyec

summary The Mozilla Fuzzing Team reported potential vulnerabilities present in Firefox 101 and Firefox ESR 91.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34484.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34484.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-34484

reference_id

reference_type

scores

value	0.0028
scoring_system	epss
scoring_elements	0.51578
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-34484

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2102169
reference_id	2102169
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2102169

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_id

mfsa2022-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_id

mfsa2022-25

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_id

mfsa2022-26

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_url	https://access.redhat.com/errata/RHSA-2022:5469
reference_id	RHSA-2022:5469
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5469

reference_url	https://access.redhat.com/errata/RHSA-2022:5470
reference_id	RHSA-2022:5470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5470

reference_url	https://access.redhat.com/errata/RHSA-2022:5472
reference_id	RHSA-2022:5472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5472

reference_url	https://access.redhat.com/errata/RHSA-2022:5473
reference_id	RHSA-2022:5473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5473

reference_url	https://access.redhat.com/errata/RHSA-2022:5474
reference_id	RHSA-2022:5474
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5474

reference_url	https://access.redhat.com/errata/RHSA-2022:5475
reference_id	RHSA-2022:5475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5475

reference_url	https://access.redhat.com/errata/RHSA-2022:5477
reference_id	RHSA-2022:5477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5477

reference_url	https://access.redhat.com/errata/RHSA-2022:5478
reference_id	RHSA-2022:5478
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5478

reference_url	https://access.redhat.com/errata/RHSA-2022:5479
reference_id	RHSA-2022:5479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5479

reference_url	https://access.redhat.com/errata/RHSA-2022:5480
reference_id	RHSA-2022:5480
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5480

reference_url	https://access.redhat.com/errata/RHSA-2022:5481
reference_id	RHSA-2022:5481
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5481

reference_url	https://access.redhat.com/errata/RHSA-2022:5482
reference_id	RHSA-2022:5482
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5482

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-34484

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8th2-q8wd-tyec

url VCID-agj1-b2vv-y7ej

vulnerability_id VCID-agj1-b2vv-y7ej

summary SVG's <use> element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko's implementation was aligned with theirs.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-28284

reference_id

reference_type

scores

value	0.00328
scoring_system	epss
scoring_elements	0.56067
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-28284

reference_url

reference_id

AVG-2711

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-13

reference_url

reference_id

mfsa2022-13

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-13

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-28284

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-agj1-b2vv-y7ej

url VCID-amgp-4ct1-qff7

vulnerability_id VCID-amgp-4ct1-qff7

summary When closed or sent to the background, Firefox for Android would not properly record and persist HSTS settings.*Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-29910

reference_id

reference_type

scores

value	0.00153
scoring_system	epss
scoring_elements	0.35728
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-29910

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

reference_id

mfsa2022-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-29910

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-amgp-4ct1-qff7

url VCID-b4s7-kmmt-g7gv

vulnerability_id VCID-b4s7-kmmt-g7gv

summary The HTML Sanitizer should have sanitized the href attribute of SVG <use> tags; however it incorrectly did not sanitize xlink:href attributes.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-34473

reference_id

reference_type

scores

value	0.00439
scoring_system	epss
scoring_elements	0.63468
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-34473

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_id

mfsa2022-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-34473

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b4s7-kmmt-g7gv

url VCID-bmn9-9sbm-uygc

vulnerability_id VCID-bmn9-9sbm-uygc

summary When a TLS Certificate error occurs on a domain protected by the HSTS header, the browser should not allow the user to bypass the certificate error. On Firefox for Android, the user was presented with the option to bypass the error; this could only have been done by the user explicitly. *This bug only affects Firefox for Android. Other operating systems are unaffected.*

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-34469

reference_id

reference_type

scores

value	0.00156
scoring_system	epss
scoring_elements	0.36073
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-34469

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_id

mfsa2022-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-34469

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bmn9-9sbm-uygc

url VCID-bv8a-p6r5-17cz

vulnerability_id VCID-bv8a-p6r5-17cz

summary If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of bounds write would have occurred leading to memory corruption and a potentially exploitable crash.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28281.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28281.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-28281

reference_id

reference_type

scores

value	0.15741
scoring_system	epss
scoring_elements	0.94844
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-28281

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2072560
reference_id	2072560
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2072560

reference_url

reference_id

AVG-2711

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2712

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-13

reference_url

reference_id

mfsa2022-13

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-14

reference_id

mfsa2022-14

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-15

reference_id

mfsa2022-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-15

reference_url	https://access.redhat.com/errata/RHSA-2022:1283
reference_id	RHSA-2022:1283
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1283

reference_url	https://access.redhat.com/errata/RHSA-2022:1284
reference_id	RHSA-2022:1284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1284

reference_url	https://access.redhat.com/errata/RHSA-2022:1285
reference_id	RHSA-2022:1285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1285

reference_url	https://access.redhat.com/errata/RHSA-2022:1286
reference_id	RHSA-2022:1286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1286

reference_url	https://access.redhat.com/errata/RHSA-2022:1287
reference_id	RHSA-2022:1287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1287

reference_url	https://access.redhat.com/errata/RHSA-2022:1301
reference_id	RHSA-2022:1301
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1301

reference_url	https://access.redhat.com/errata/RHSA-2022:1302
reference_id	RHSA-2022:1302
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1302

reference_url	https://access.redhat.com/errata/RHSA-2022:1303
reference_id	RHSA-2022:1303
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1303

reference_url	https://access.redhat.com/errata/RHSA-2022:1305
reference_id	RHSA-2022:1305
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1305

reference_url	https://access.redhat.com/errata/RHSA-2022:1326
reference_id	RHSA-2022:1326
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1326

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-28281

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bv8a-p6r5-17cz

url VCID-bvhn-6mnr-vyas

vulnerability_id VCID-bvhn-6mnr-vyas

summary An attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have led to cross-origin account linking in violation of WebAuthn goals.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31742.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31742.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-31742

reference_id

reference_type

scores

value	0.00357
scoring_system	epss
scoring_elements	0.58261
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-31742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2092025
reference_id	2092025
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2092025

reference_url

reference_id

AVG-2760

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2761

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-20

reference_url

reference_id

mfsa2022-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-20

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-21

reference_id

mfsa2022-21

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-21

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-22

reference_id

mfsa2022-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-22

reference_url	https://access.redhat.com/errata/RHSA-2022:4870
reference_id	RHSA-2022:4870
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4870

reference_url	https://access.redhat.com/errata/RHSA-2022:4871
reference_id	RHSA-2022:4871
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4871

reference_url	https://access.redhat.com/errata/RHSA-2022:4872
reference_id	RHSA-2022:4872
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4872

reference_url	https://access.redhat.com/errata/RHSA-2022:4873
reference_id	RHSA-2022:4873
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4873

reference_url	https://access.redhat.com/errata/RHSA-2022:4875
reference_id	RHSA-2022:4875
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4875

reference_url	https://access.redhat.com/errata/RHSA-2022:4876
reference_id	RHSA-2022:4876
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4876

reference_url	https://access.redhat.com/errata/RHSA-2022:4887
reference_id	RHSA-2022:4887
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4887

reference_url	https://access.redhat.com/errata/RHSA-2022:4888
reference_id	RHSA-2022:4888
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4888

reference_url	https://access.redhat.com/errata/RHSA-2022:4889
reference_id	RHSA-2022:4889
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4889

reference_url	https://access.redhat.com/errata/RHSA-2022:4890
reference_id	RHSA-2022:4890
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4890

reference_url	https://access.redhat.com/errata/RHSA-2022:4891
reference_id	RHSA-2022:4891
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4891

reference_url	https://access.redhat.com/errata/RHSA-2022:4892
reference_id	RHSA-2022:4892
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4892

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-31742

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bvhn-6mnr-vyas

url VCID-cbtq-agxw-57f7

vulnerability_id VCID-cbtq-agxw-57f7

summary When visiting directory listings for `chrome://` URLs as source text, some parameters were reflected.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36318.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36318.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-36318

reference_id

reference_type

scores

value	0.00207
scoring_system	epss
scoring_elements	0.43113
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-36318

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36318
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36318

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36319
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36319

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2111908
reference_id	2111908
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2111908

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-28

reference_id

mfsa2022-28

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-28

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-29

reference_id

mfsa2022-29

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-29

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-30

reference_id

mfsa2022-30

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-30

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-31

reference_id

mfsa2022-31

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-31

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-32

reference_id

mfsa2022-32

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-32

reference_url	https://access.redhat.com/errata/RHSA-2022:5765
reference_id	RHSA-2022:5765
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5765

reference_url	https://access.redhat.com/errata/RHSA-2022:5766
reference_id	RHSA-2022:5766
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5766

reference_url	https://access.redhat.com/errata/RHSA-2022:5767
reference_id	RHSA-2022:5767
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5767

reference_url	https://access.redhat.com/errata/RHSA-2022:5769
reference_id	RHSA-2022:5769
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5769

reference_url	https://access.redhat.com/errata/RHSA-2022:5770
reference_id	RHSA-2022:5770
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5770

reference_url	https://access.redhat.com/errata/RHSA-2022:5771
reference_id	RHSA-2022:5771
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5771

reference_url	https://access.redhat.com/errata/RHSA-2022:5772
reference_id	RHSA-2022:5772
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5772

reference_url	https://access.redhat.com/errata/RHSA-2022:5773
reference_id	RHSA-2022:5773
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5773

reference_url	https://access.redhat.com/errata/RHSA-2022:5774
reference_id	RHSA-2022:5774
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5774

reference_url	https://access.redhat.com/errata/RHSA-2022:5776
reference_id	RHSA-2022:5776
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5776

reference_url	https://access.redhat.com/errata/RHSA-2022:5777
reference_id	RHSA-2022:5777
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5777

reference_url	https://access.redhat.com/errata/RHSA-2022:5778
reference_id	RHSA-2022:5778
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5778

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-36318

risk_score 2.8

exploitability 0.5

weighted_severity 5.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cbtq-agxw-57f7

url VCID-ceu2-6hth-pqhp

vulnerability_id VCID-ceu2-6hth-pqhp

summary In the nsTArray_Impl::ReplaceElementsAt() function, an integer overflow could have occurred when the number of elements to replace was too large for the container.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34481.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34481.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-34481

reference_id

reference_type

scores

value	0.00212
scoring_system	epss
scoring_elements	0.43678
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-34481

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2102164
reference_id	2102164
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2102164

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_id

mfsa2022-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_id

mfsa2022-25

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_id

mfsa2022-26

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_url	https://access.redhat.com/errata/RHSA-2022:5469
reference_id	RHSA-2022:5469
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5469

reference_url	https://access.redhat.com/errata/RHSA-2022:5470
reference_id	RHSA-2022:5470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5470

reference_url	https://access.redhat.com/errata/RHSA-2022:5472
reference_id	RHSA-2022:5472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5472

reference_url	https://access.redhat.com/errata/RHSA-2022:5473
reference_id	RHSA-2022:5473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5473

reference_url	https://access.redhat.com/errata/RHSA-2022:5474
reference_id	RHSA-2022:5474
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5474

reference_url	https://access.redhat.com/errata/RHSA-2022:5475
reference_id	RHSA-2022:5475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5475

reference_url	https://access.redhat.com/errata/RHSA-2022:5477
reference_id	RHSA-2022:5477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5477

reference_url	https://access.redhat.com/errata/RHSA-2022:5478
reference_id	RHSA-2022:5478
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5478

reference_url	https://access.redhat.com/errata/RHSA-2022:5479
reference_id	RHSA-2022:5479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5479

reference_url	https://access.redhat.com/errata/RHSA-2022:5480
reference_id	RHSA-2022:5480
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5480

reference_url	https://access.redhat.com/errata/RHSA-2022:5481
reference_id	RHSA-2022:5481
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5481

reference_url	https://access.redhat.com/errata/RHSA-2022:5482
reference_id	RHSA-2022:5482
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5482

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-34481

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ceu2-6hth-pqhp

url VCID-cz8b-p2t3-ebgy

vulnerability_id VCID-cz8b-p2t3-ebgy

summary A malicious webpage could have caused an out-of-bounds write in WebGL, leading to memory corruption and a potentially exploitable crash.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31737.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31737.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-31737

reference_id

reference_type

scores

value	0.00394
scoring_system	epss
scoring_elements	0.60598
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-31737

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2092019
reference_id	2092019
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2092019

reference_url

reference_id

AVG-2760

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2761

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-20

reference_url

reference_id

mfsa2022-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-20

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-21

reference_id

mfsa2022-21

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-21

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-22

reference_id

mfsa2022-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-22

reference_url	https://access.redhat.com/errata/RHSA-2022:4870
reference_id	RHSA-2022:4870
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4870

reference_url	https://access.redhat.com/errata/RHSA-2022:4871
reference_id	RHSA-2022:4871
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4871

reference_url	https://access.redhat.com/errata/RHSA-2022:4872
reference_id	RHSA-2022:4872
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4872

reference_url	https://access.redhat.com/errata/RHSA-2022:4873
reference_id	RHSA-2022:4873
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4873

reference_url	https://access.redhat.com/errata/RHSA-2022:4875
reference_id	RHSA-2022:4875
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4875

reference_url	https://access.redhat.com/errata/RHSA-2022:4876
reference_id	RHSA-2022:4876
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4876

reference_url	https://access.redhat.com/errata/RHSA-2022:4887
reference_id	RHSA-2022:4887
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4887

reference_url	https://access.redhat.com/errata/RHSA-2022:4888
reference_id	RHSA-2022:4888
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4888

reference_url	https://access.redhat.com/errata/RHSA-2022:4889
reference_id	RHSA-2022:4889
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4889

reference_url	https://access.redhat.com/errata/RHSA-2022:4890
reference_id	RHSA-2022:4890
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4890

reference_url	https://access.redhat.com/errata/RHSA-2022:4891
reference_id	RHSA-2022:4891
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4891

reference_url	https://access.redhat.com/errata/RHSA-2022:4892
reference_id	RHSA-2022:4892
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4892

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-31737

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cz8b-p2t3-ebgy

url VCID-dgm8-wwst-kbe2

vulnerability_id VCID-dgm8-wwst-kbe2

summary An attacker could have injected CSS into stylesheets accessible via internal URIs, such as resource:, and in doing so bypass a page's Content Security Policy.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31744.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31744.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-31744

reference_id

reference_type

scores

value	0.00065
scoring_system	epss
scoring_elements	0.20473
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-31744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2102165
reference_id	2102165
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2102165

reference_url

reference_id

AVG-2760

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-20

reference_url

reference_id

mfsa2022-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-20

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_id

mfsa2022-25

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_id

mfsa2022-26

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_url	https://access.redhat.com/errata/RHSA-2022:5469
reference_id	RHSA-2022:5469
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5469

reference_url	https://access.redhat.com/errata/RHSA-2022:5470
reference_id	RHSA-2022:5470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5470

reference_url	https://access.redhat.com/errata/RHSA-2022:5472
reference_id	RHSA-2022:5472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5472

reference_url	https://access.redhat.com/errata/RHSA-2022:5473
reference_id	RHSA-2022:5473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5473

reference_url	https://access.redhat.com/errata/RHSA-2022:5474
reference_id	RHSA-2022:5474
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5474

reference_url	https://access.redhat.com/errata/RHSA-2022:5475
reference_id	RHSA-2022:5475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5475

reference_url	https://access.redhat.com/errata/RHSA-2022:5477
reference_id	RHSA-2022:5477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5477

reference_url	https://access.redhat.com/errata/RHSA-2022:5478
reference_id	RHSA-2022:5478
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5478

reference_url	https://access.redhat.com/errata/RHSA-2022:5479
reference_id	RHSA-2022:5479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5479

reference_url	https://access.redhat.com/errata/RHSA-2022:5480
reference_id	RHSA-2022:5480
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5480

reference_url	https://access.redhat.com/errata/RHSA-2022:5481
reference_id	RHSA-2022:5481
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5481

reference_url	https://access.redhat.com/errata/RHSA-2022:5482
reference_id	RHSA-2022:5482
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5482

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-31744

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dgm8-wwst-kbe2

url VCID-dh5x-c794-tqbw

vulnerability_id VCID-dh5x-c794-tqbw

summary If an attacker could control the contents of an iframe sandboxed with allow-popups but not allow-scripts, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26384.json

reference_id

reference_type

scores

value	9.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26384.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-26384

reference_id

reference_type

scores

value	0.00186
scoring_system	epss
scoring_elements	0.40229
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-26384

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2062221
reference_id	2062221
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2062221

reference_url

reference_id

AVG-2713

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2714

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-10

reference_url

reference_id

mfsa2022-10

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-10

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-11

reference_id

mfsa2022-11

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-11

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-12

reference_id

mfsa2022-12

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-12

reference_url	https://access.redhat.com/errata/RHSA-2022:0815
reference_id	RHSA-2022:0815
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0815

reference_url	https://access.redhat.com/errata/RHSA-2022:0816
reference_id	RHSA-2022:0816
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0816

reference_url	https://access.redhat.com/errata/RHSA-2022:0817
reference_id	RHSA-2022:0817
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0817

reference_url	https://access.redhat.com/errata/RHSA-2022:0818
reference_id	RHSA-2022:0818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0818

reference_url	https://access.redhat.com/errata/RHSA-2022:0824
reference_id	RHSA-2022:0824
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0824

reference_url	https://access.redhat.com/errata/RHSA-2022:0843
reference_id	RHSA-2022:0843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0843

reference_url	https://access.redhat.com/errata/RHSA-2022:0845
reference_id	RHSA-2022:0845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0845

reference_url	https://access.redhat.com/errata/RHSA-2022:0847
reference_id	RHSA-2022:0847
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0847

reference_url	https://access.redhat.com/errata/RHSA-2022:0850
reference_id	RHSA-2022:0850
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0850

reference_url	https://access.redhat.com/errata/RHSA-2022:0853
reference_id	RHSA-2022:0853
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0853

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-26384

risk_score 4.3

exploitability 0.5

weighted_severity 8.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dh5x-c794-tqbw

url VCID-dnd5-9xgp-u7h9

vulnerability_id VCID-dnd5-9xgp-u7h9

summary Firefox's HTML parser did not correctly interpret HTML comment tags, resulting in an incongruity with other browsers. This could have been used to escape HTML comments on pages that put user-controlled data in them.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-31743

reference_id

reference_type

scores

value	0.00498
scoring_system	epss
scoring_elements	0.66213
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-31743

reference_url

reference_id

AVG-2760

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-20

reference_url

reference_id

mfsa2022-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-20

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-31743

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dnd5-9xgp-u7h9

url VCID-du9t-tmex-akfm

vulnerability_id VCID-du9t-tmex-akfm

summary Mozilla developers and community members Nika Layzell, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 91.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28289.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28289.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-28289

reference_id

reference_type

scores

value	0.00704
scoring_system	epss
scoring_elements	0.72463
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-28289

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2072566
reference_id	2072566
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2072566

reference_url

reference_id

AVG-2711

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2712

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-13

reference_url

reference_id

mfsa2022-13

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-14

reference_id

mfsa2022-14

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-15

reference_id

mfsa2022-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-15

reference_url	https://access.redhat.com/errata/RHSA-2022:1283
reference_id	RHSA-2022:1283
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1283

reference_url	https://access.redhat.com/errata/RHSA-2022:1284
reference_id	RHSA-2022:1284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1284

reference_url	https://access.redhat.com/errata/RHSA-2022:1285
reference_id	RHSA-2022:1285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1285

reference_url	https://access.redhat.com/errata/RHSA-2022:1286
reference_id	RHSA-2022:1286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1286

reference_url	https://access.redhat.com/errata/RHSA-2022:1287
reference_id	RHSA-2022:1287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1287

reference_url	https://access.redhat.com/errata/RHSA-2022:1301
reference_id	RHSA-2022:1301
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1301

reference_url	https://access.redhat.com/errata/RHSA-2022:1302
reference_id	RHSA-2022:1302
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1302

reference_url	https://access.redhat.com/errata/RHSA-2022:1303
reference_id	RHSA-2022:1303
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1303

reference_url	https://access.redhat.com/errata/RHSA-2022:1305
reference_id	RHSA-2022:1305
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1305

reference_url	https://access.redhat.com/errata/RHSA-2022:1326
reference_id	RHSA-2022:1326
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1326

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-28289

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-du9t-tmex-akfm

url VCID-ew5u-u3zx-87cv

vulnerability_id VCID-ew5u-u3zx-87cv

summary When downloading an update for an addon, the downloaded addon update's version was not verified to match the version selected from the manifest. If the manifest had been tampered with on the server, an attacker could trick the browser into downgrading the addon to a prior version.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-34471

reference_id

reference_type

scores

value	0.00108
scoring_system	epss
scoring_elements	0.28606
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-34471

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_id

mfsa2022-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-34471

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ew5u-u3zx-87cv

url VCID-f31y-6u4c-t3a9

vulnerability_id VCID-f31y-6u4c-t3a9

summary Requests initiated through reader mode did not properly omit cookies with a SameSite attribute.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29912.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29912.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-29912

reference_id

reference_type

scores

value	0.0042
scoring_system	epss
scoring_elements	0.62281
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-29912

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2081472
reference_id	2081472
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2081472

reference_url

reference_id

AVG-2709

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2710

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

reference_url

reference_id

mfsa2022-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-17

reference_id

mfsa2022-17

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-17

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-18

reference_id

mfsa2022-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-18

reference_url	https://access.redhat.com/errata/RHSA-2022:1701
reference_id	RHSA-2022:1701
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1701

reference_url	https://access.redhat.com/errata/RHSA-2022:1702
reference_id	RHSA-2022:1702
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1702

reference_url	https://access.redhat.com/errata/RHSA-2022:1703
reference_id	RHSA-2022:1703
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1703

reference_url	https://access.redhat.com/errata/RHSA-2022:1704
reference_id	RHSA-2022:1704
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1704

reference_url	https://access.redhat.com/errata/RHSA-2022:1705
reference_id	RHSA-2022:1705
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1705

reference_url	https://access.redhat.com/errata/RHSA-2022:1724
reference_id	RHSA-2022:1724
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1724

reference_url	https://access.redhat.com/errata/RHSA-2022:1725
reference_id	RHSA-2022:1725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1725

reference_url	https://access.redhat.com/errata/RHSA-2022:1726
reference_id	RHSA-2022:1726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1726

reference_url	https://access.redhat.com/errata/RHSA-2022:1727
reference_id	RHSA-2022:1727
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1727

reference_url	https://access.redhat.com/errata/RHSA-2022:1730
reference_id	RHSA-2022:1730
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1730

reference_url	https://access.redhat.com/errata/RHSA-2022:4589
reference_id	RHSA-2022:4589
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4589

reference_url	https://access.redhat.com/errata/RHSA-2022:4590
reference_id	RHSA-2022:4590
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4590

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-29912

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f31y-6u4c-t3a9

url VCID-f9nt-79kq-6kbf

vulnerability_id VCID-f9nt-79kq-6kbf

summary When exiting fullscreen mode, an iframe could have confused the browser about the current state of fullscreen, resulting in potential user confusion or spoofing attacks.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31738.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31738.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-31738

reference_id

reference_type

scores

value	0.00361
scoring_system	epss
scoring_elements	0.58507
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-31738

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2092021
reference_id	2092021
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2092021

reference_url

reference_id

AVG-2760

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2761

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-20

reference_url

reference_id

mfsa2022-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-20

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-21

reference_id

mfsa2022-21

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-21

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-22

reference_id

mfsa2022-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-22

reference_url	https://access.redhat.com/errata/RHSA-2022:4870
reference_id	RHSA-2022:4870
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4870

reference_url	https://access.redhat.com/errata/RHSA-2022:4871
reference_id	RHSA-2022:4871
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4871

reference_url	https://access.redhat.com/errata/RHSA-2022:4872
reference_id	RHSA-2022:4872
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4872

reference_url	https://access.redhat.com/errata/RHSA-2022:4873
reference_id	RHSA-2022:4873
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4873

reference_url	https://access.redhat.com/errata/RHSA-2022:4875
reference_id	RHSA-2022:4875
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4875

reference_url	https://access.redhat.com/errata/RHSA-2022:4876
reference_id	RHSA-2022:4876
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4876

reference_url	https://access.redhat.com/errata/RHSA-2022:4887
reference_id	RHSA-2022:4887
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4887

reference_url	https://access.redhat.com/errata/RHSA-2022:4888
reference_id	RHSA-2022:4888
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4888

reference_url	https://access.redhat.com/errata/RHSA-2022:4889
reference_id	RHSA-2022:4889
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4889

reference_url	https://access.redhat.com/errata/RHSA-2022:4890
reference_id	RHSA-2022:4890
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4890

reference_url	https://access.redhat.com/errata/RHSA-2022:4891
reference_id	RHSA-2022:4891
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4891

reference_url	https://access.redhat.com/errata/RHSA-2022:4892
reference_id	RHSA-2022:4892
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4892

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-31738

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f9nt-79kq-6kbf

url VCID-fmy7-eawb-5ud7

vulnerability_id VCID-fmy7-eawb-5ud7

summary The sourceMapURL feature in devtools was missing security checks that would have allowed a webpage to attempt to include local files or other files that should have been inaccessible.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-28283

reference_id

reference_type

scores

value	0.00323
scoring_system	epss
scoring_elements	0.55669
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-28283

reference_url

reference_id

AVG-2711

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-13

reference_url

reference_id

mfsa2022-13

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-13

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-28283

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fmy7-eawb-5ud7

url VCID-fn1d-vq36-mkeu

vulnerability_id VCID-fn1d-vq36-mkeu

summary When installing an add-on, Thunderbird verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Thunderbird would not have noticed.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26387.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26387.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-26387

reference_id

reference_type

scores

value	0.00236
scoring_system	epss
scoring_elements	0.46671
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-26387

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2062222
reference_id	2062222
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2062222

reference_url

reference_id

AVG-2713

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2714

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-10

reference_url

reference_id

mfsa2022-10

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-10

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-11

reference_id

mfsa2022-11

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-11

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-12

reference_id

mfsa2022-12

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-12

reference_url	https://access.redhat.com/errata/RHSA-2022:0815
reference_id	RHSA-2022:0815
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0815

reference_url	https://access.redhat.com/errata/RHSA-2022:0816
reference_id	RHSA-2022:0816
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0816

reference_url	https://access.redhat.com/errata/RHSA-2022:0817
reference_id	RHSA-2022:0817
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0817

reference_url	https://access.redhat.com/errata/RHSA-2022:0818
reference_id	RHSA-2022:0818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0818

reference_url	https://access.redhat.com/errata/RHSA-2022:0824
reference_id	RHSA-2022:0824
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0824

reference_url	https://access.redhat.com/errata/RHSA-2022:0843
reference_id	RHSA-2022:0843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0843

reference_url	https://access.redhat.com/errata/RHSA-2022:0845
reference_id	RHSA-2022:0845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0845

reference_url	https://access.redhat.com/errata/RHSA-2022:0847
reference_id	RHSA-2022:0847
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0847

reference_url	https://access.redhat.com/errata/RHSA-2022:0850
reference_id	RHSA-2022:0850
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0850

reference_url	https://access.redhat.com/errata/RHSA-2022:0853
reference_id	RHSA-2022:0853
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0853

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-26387

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fn1d-vq36-mkeu

url VCID-fr7u-m88d-bqch

vulnerability_id VCID-fr7u-m88d-bqch

summary While the text displayed in Autofill tooltips cannot be directly read by JavaScript, the text was rendered using page fonts. Side-channel attacks on the text by using specially crafted fonts could have lead to this text being inferred by the webpage.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-26382

reference_id

reference_type

scores

value	0.00182
scoring_system	epss
scoring_elements	0.39692
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-26382

reference_url

reference_id

AVG-2714

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-10

reference_url

reference_id

mfsa2022-10

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-10

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-26382

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fr7u-m88d-bqch

url VCID-fug4-fdx3-47d3

vulnerability_id VCID-fug4-fdx3-47d3

summary SVG <use> tags that referenced a same-origin document could have resulted in script execution if attacker input was sanitized via the HTML Sanitizer API. This would have required the attacker to reference a same-origin JavaScript file containing the script to be executed.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-34475

reference_id

reference_type

scores

value	0.00679
scoring_system	epss
scoring_elements	0.71965
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-34475

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_id

mfsa2022-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-34475

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fug4-fdx3-47d3

url VCID-gphr-qsyj-63gz

vulnerability_id VCID-gphr-qsyj-63gz

summary Due to a layout change, iframe contents could have been rendered outside of its border. This could have led to user confusion or spoofing attacks.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28286.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28286.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-28286

reference_id

reference_type

scores

value	0.0035
scoring_system	epss
scoring_elements	0.57748
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-28286

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2072564
reference_id	2072564
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2072564

reference_url

reference_id

AVG-2711

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2712

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-13

reference_url

reference_id

mfsa2022-13

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-14

reference_id

mfsa2022-14

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-15

reference_id

mfsa2022-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-15

reference_url	https://access.redhat.com/errata/RHSA-2022:1283
reference_id	RHSA-2022:1283
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1283

reference_url	https://access.redhat.com/errata/RHSA-2022:1284
reference_id	RHSA-2022:1284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1284

reference_url	https://access.redhat.com/errata/RHSA-2022:1285
reference_id	RHSA-2022:1285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1285

reference_url	https://access.redhat.com/errata/RHSA-2022:1286
reference_id	RHSA-2022:1286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1286

reference_url	https://access.redhat.com/errata/RHSA-2022:1287
reference_id	RHSA-2022:1287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1287

reference_url	https://access.redhat.com/errata/RHSA-2022:1301
reference_id	RHSA-2022:1301
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1301

reference_url	https://access.redhat.com/errata/RHSA-2022:1302
reference_id	RHSA-2022:1302
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1302

reference_url	https://access.redhat.com/errata/RHSA-2022:1303
reference_id	RHSA-2022:1303
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1303

reference_url	https://access.redhat.com/errata/RHSA-2022:1305
reference_id	RHSA-2022:1305
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1305

reference_url	https://access.redhat.com/errata/RHSA-2022:1326
reference_id	RHSA-2022:1326
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1326

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-28286

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gphr-qsyj-63gz

url VCID-gtat-vu5d-7qgu

vulnerability_id VCID-gtat-vu5d-7qgu

summary If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1802.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1802.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-1802

reference_id

reference_type

scores

value	0.67932
scoring_system	epss
scoring_elements	0.98606
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-1802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2089217
reference_id	2089217
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2089217

reference_url

reference_id

AVG-2728

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2729

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-19

reference_url

reference_id

mfsa2022-19

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-19

reference_url	https://access.redhat.com/errata/RHSA-2022:4729
reference_id	RHSA-2022:4729
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4729

reference_url	https://access.redhat.com/errata/RHSA-2022:4730
reference_id	RHSA-2022:4730
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4730

reference_url	https://access.redhat.com/errata/RHSA-2022:4765
reference_id	RHSA-2022:4765
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4765

reference_url	https://access.redhat.com/errata/RHSA-2022:4766
reference_id	RHSA-2022:4766
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4766

reference_url	https://access.redhat.com/errata/RHSA-2022:4767
reference_id	RHSA-2022:4767
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4767

reference_url	https://access.redhat.com/errata/RHSA-2022:4768
reference_id	RHSA-2022:4768
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4768

reference_url	https://access.redhat.com/errata/RHSA-2022:4769
reference_id	RHSA-2022:4769
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4769

reference_url	https://access.redhat.com/errata/RHSA-2022:4770
reference_id	RHSA-2022:4770
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4770

reference_url	https://access.redhat.com/errata/RHSA-2022:4772
reference_id	RHSA-2022:4772
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4772

reference_url	https://access.redhat.com/errata/RHSA-2022:4773
reference_id	RHSA-2022:4773
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4773

reference_url	https://access.redhat.com/errata/RHSA-2022:4774
reference_id	RHSA-2022:4774
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4774

reference_url	https://access.redhat.com/errata/RHSA-2022:4776
reference_id	RHSA-2022:4776
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4776

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-1802

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gtat-vu5d-7qgu

url VCID-hgcq-j17a-73g2

vulnerability_id VCID-hgcq-j17a-73g2

summary A malicious website could have learned the size of a cross-origin resource that supported Range requests.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31736.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31736.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-31736

reference_id

reference_type

scores

value	0.00407
scoring_system	epss
scoring_elements	0.61475
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-31736

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2092018
reference_id	2092018
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2092018

reference_url

reference_id

AVG-2760

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2761

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-20

reference_url

reference_id

mfsa2022-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-20

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-21

reference_id

mfsa2022-21

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-21

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-22

reference_id

mfsa2022-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-22

reference_url	https://access.redhat.com/errata/RHSA-2022:4870
reference_id	RHSA-2022:4870
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4870

reference_url	https://access.redhat.com/errata/RHSA-2022:4871
reference_id	RHSA-2022:4871
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4871

reference_url	https://access.redhat.com/errata/RHSA-2022:4872
reference_id	RHSA-2022:4872
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4872

reference_url	https://access.redhat.com/errata/RHSA-2022:4873
reference_id	RHSA-2022:4873
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4873

reference_url	https://access.redhat.com/errata/RHSA-2022:4875
reference_id	RHSA-2022:4875
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4875

reference_url	https://access.redhat.com/errata/RHSA-2022:4876
reference_id	RHSA-2022:4876
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4876

reference_url	https://access.redhat.com/errata/RHSA-2022:4887
reference_id	RHSA-2022:4887
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4887

reference_url	https://access.redhat.com/errata/RHSA-2022:4888
reference_id	RHSA-2022:4888
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4888

reference_url	https://access.redhat.com/errata/RHSA-2022:4889
reference_id	RHSA-2022:4889
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4889

reference_url	https://access.redhat.com/errata/RHSA-2022:4890
reference_id	RHSA-2022:4890
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4890

reference_url	https://access.redhat.com/errata/RHSA-2022:4891
reference_id	RHSA-2022:4891
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4891

reference_url	https://access.redhat.com/errata/RHSA-2022:4892
reference_id	RHSA-2022:4892
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4892

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-31736

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hgcq-j17a-73g2

url VCID-j4qf-hfjp-5yct

vulnerability_id VCID-j4qf-hfjp-5yct

summary Mozilla developers Gabriele Svelto, Timothy Nikkel, Randell Jesup, Jon Coppeard, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-31748

reference_id

reference_type

scores

value	0.00607
scoring_system	epss
scoring_elements	0.70057
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-31748

reference_url

reference_id

AVG-2760

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-20

reference_url

reference_id

mfsa2022-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-20

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-31748

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j4qf-hfjp-5yct

url VCID-jf7m-tfa7-rkf1

vulnerability_id VCID-jf7m-tfa7-rkf1

summary Mozilla developers Andrew McCreight, Gabriele Svelto, Tom Ritter and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99 and Firefox ESR 91.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29917.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29917.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-29917

reference_id

reference_type

scores

value	0.00344
scoring_system	epss
scoring_elements	0.57277
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-29917

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2081473
reference_id	2081473
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2081473

reference_url

reference_id

AVG-2709

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2710

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

reference_url

reference_id

mfsa2022-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-17

reference_id

mfsa2022-17

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-17

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-18

reference_id

mfsa2022-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-18

reference_url	https://access.redhat.com/errata/RHSA-2022:1701
reference_id	RHSA-2022:1701
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1701

reference_url	https://access.redhat.com/errata/RHSA-2022:1702
reference_id	RHSA-2022:1702
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1702

reference_url	https://access.redhat.com/errata/RHSA-2022:1703
reference_id	RHSA-2022:1703
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1703

reference_url	https://access.redhat.com/errata/RHSA-2022:1704
reference_id	RHSA-2022:1704
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1704

reference_url	https://access.redhat.com/errata/RHSA-2022:1705
reference_id	RHSA-2022:1705
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1705

reference_url	https://access.redhat.com/errata/RHSA-2022:1724
reference_id	RHSA-2022:1724
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1724

reference_url	https://access.redhat.com/errata/RHSA-2022:1725
reference_id	RHSA-2022:1725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1725

reference_url	https://access.redhat.com/errata/RHSA-2022:1726
reference_id	RHSA-2022:1726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1726

reference_url	https://access.redhat.com/errata/RHSA-2022:1727
reference_id	RHSA-2022:1727
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1727

reference_url	https://access.redhat.com/errata/RHSA-2022:1730
reference_id	RHSA-2022:1730
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1730

reference_url	https://access.redhat.com/errata/RHSA-2022:4589
reference_id	RHSA-2022:4589
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4589

reference_url	https://access.redhat.com/errata/RHSA-2022:4590
reference_id	RHSA-2022:4590
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4590

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-29917

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jf7m-tfa7-rkf1

url VCID-kemt-xhv2-u7aq

vulnerability_id VCID-kemt-xhv2-u7aq

summary The ms-msdt, search, and search-ms protocols deliver content to Microsoft applications, bypassing the browser, when a user accepts a prompt. These applications have had known vulnerabilities, exploited in the wild (although we know of none exploited through Firefox), so in this release Firefox has blocked these protocols from prompting the user to open them.*This bug only affects Firefox on Windows. Other operating systems are unaffected.*

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34478.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34478.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-34478

reference_id

reference_type

scores

value	0.00148
scoring_system	epss
scoring_elements	0.35041
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-34478

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2102167
reference_id	2102167
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2102167

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_id

mfsa2022-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_id

mfsa2022-25

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_id

mfsa2022-26

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-34478

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kemt-xhv2-u7aq

url VCID-knjh-ah43-mycg

vulnerability_id VCID-knjh-ah43-mycg

summary Within the lg_init() function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34480.json

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34480.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-34480

reference_id

reference_type

scores

value	0.00399
scoring_system	epss
scoring_elements	0.60972
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-34480

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2359028
reference_id	2359028
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2359028

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_id

mfsa2022-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-34480

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-knjh-ah43-mycg

url VCID-m13c-26h4-yffd

vulnerability_id VCID-m13c-26h4-yffd

summary ASN.1 parsing of an indefinite SEQUENCE inside an indefinite GROUP could have resulted in the parser accepting malformed ASN.1.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-34476

reference_id

reference_type

scores

value	0.00571
scoring_system	epss
scoring_elements	0.68997
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-34476

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_id

mfsa2022-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-34476

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m13c-26h4-yffd

url VCID-m2zd-45v4-mbbj

vulnerability_id VCID-m2zd-45v4-mbbj

summary When loading a script with Subresource Integrity, attackers with an injection capability could trigger the reuse of previously cached entries with incorrect, different integrity metadata.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-36315

reference_id

reference_type

scores

value	0.00158
scoring_system	epss
scoring_elements	0.36358
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-36315

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-28

reference_id

mfsa2022-28

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-28

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-36315

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m2zd-45v4-mbbj

url VCID-mdqf-k97m-h3hx

vulnerability_id VCID-mdqf-k97m-h3hx

summary When reusing existing popups Firefox would have allowed them to cover the fullscreen notification UI, which could have enabled browser spoofing attacks.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29914.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29914.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-29914

reference_id

reference_type

scores

value	0.00239
scoring_system	epss
scoring_elements	0.47096
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-29914

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2081468
reference_id	2081468
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2081468

reference_url

reference_id

AVG-2709

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2710

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

reference_url

reference_id

mfsa2022-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-17

reference_id

mfsa2022-17

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-17

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-18

reference_id

mfsa2022-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-18

reference_url	https://access.redhat.com/errata/RHSA-2022:1701
reference_id	RHSA-2022:1701
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1701

reference_url	https://access.redhat.com/errata/RHSA-2022:1702
reference_id	RHSA-2022:1702
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1702

reference_url	https://access.redhat.com/errata/RHSA-2022:1703
reference_id	RHSA-2022:1703
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1703

reference_url	https://access.redhat.com/errata/RHSA-2022:1704
reference_id	RHSA-2022:1704
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1704

reference_url	https://access.redhat.com/errata/RHSA-2022:1705
reference_id	RHSA-2022:1705
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1705

reference_url	https://access.redhat.com/errata/RHSA-2022:1724
reference_id	RHSA-2022:1724
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1724

reference_url	https://access.redhat.com/errata/RHSA-2022:1725
reference_id	RHSA-2022:1725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1725

reference_url	https://access.redhat.com/errata/RHSA-2022:1726
reference_id	RHSA-2022:1726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1726

reference_url	https://access.redhat.com/errata/RHSA-2022:1727
reference_id	RHSA-2022:1727
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1727

reference_url	https://access.redhat.com/errata/RHSA-2022:1730
reference_id	RHSA-2022:1730
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1730

reference_url	https://access.redhat.com/errata/RHSA-2022:4589
reference_id	RHSA-2022:4589
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4589

reference_url	https://access.redhat.com/errata/RHSA-2022:4590
reference_id	RHSA-2022:4590
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4590

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-29914

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mdqf-k97m-h3hx

url VCID-me5q-nc1u-nudh

vulnerability_id VCID-me5q-nc1u-nudh

summary An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26486.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26486.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-26486

reference_id

reference_type

scores

value	0.02529
scoring_system	epss
scoring_elements	0.85708
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-26486

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26485
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26485

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26486
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26486

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2061735
reference_id	2061735
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2061735

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-09

reference_id

mfsa2022-09

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-09

reference_url	https://access.redhat.com/errata/RHSA-2022:0815
reference_id	RHSA-2022:0815
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0815

reference_url	https://access.redhat.com/errata/RHSA-2022:0816
reference_id	RHSA-2022:0816
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0816

reference_url	https://access.redhat.com/errata/RHSA-2022:0817
reference_id	RHSA-2022:0817
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0817

reference_url	https://access.redhat.com/errata/RHSA-2022:0818
reference_id	RHSA-2022:0818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0818

reference_url	https://access.redhat.com/errata/RHSA-2022:0824
reference_id	RHSA-2022:0824
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0824

reference_url	https://access.redhat.com/errata/RHSA-2022:0843
reference_id	RHSA-2022:0843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0843

reference_url	https://access.redhat.com/errata/RHSA-2022:0845
reference_id	RHSA-2022:0845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0845

reference_url	https://access.redhat.com/errata/RHSA-2022:0847
reference_id	RHSA-2022:0847
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0847

reference_url	https://access.redhat.com/errata/RHSA-2022:0850
reference_id	RHSA-2022:0850
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0850

reference_url	https://access.redhat.com/errata/RHSA-2022:0853
reference_id	RHSA-2022:0853
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0853

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-26486

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-me5q-nc1u-nudh

url VCID-mu7w-p8w8-hbfr

vulnerability_id VCID-mu7w-p8w8-hbfr

summary When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36319.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36319.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-36319

reference_id

reference_type

scores

value	0.00157
scoring_system	epss
scoring_elements	0.36244
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-36319

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36318
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36318

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36319
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36319

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2111907
reference_id	2111907
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2111907

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-28

reference_id

mfsa2022-28

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-28

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-29

reference_id

mfsa2022-29

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-29

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-30

reference_id

mfsa2022-30

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-30

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-31

reference_id

mfsa2022-31

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-31

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-32

reference_id

mfsa2022-32

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-32

reference_url	https://access.redhat.com/errata/RHSA-2022:5765
reference_id	RHSA-2022:5765
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5765

reference_url	https://access.redhat.com/errata/RHSA-2022:5766
reference_id	RHSA-2022:5766
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5766

reference_url	https://access.redhat.com/errata/RHSA-2022:5767
reference_id	RHSA-2022:5767
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5767

reference_url	https://access.redhat.com/errata/RHSA-2022:5769
reference_id	RHSA-2022:5769
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5769

reference_url	https://access.redhat.com/errata/RHSA-2022:5770
reference_id	RHSA-2022:5770
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5770

reference_url	https://access.redhat.com/errata/RHSA-2022:5771
reference_id	RHSA-2022:5771
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5771

reference_url	https://access.redhat.com/errata/RHSA-2022:5772
reference_id	RHSA-2022:5772
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5772

reference_url	https://access.redhat.com/errata/RHSA-2022:5773
reference_id	RHSA-2022:5773
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5773

reference_url	https://access.redhat.com/errata/RHSA-2022:5774
reference_id	RHSA-2022:5774
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5774

reference_url	https://access.redhat.com/errata/RHSA-2022:5776
reference_id	RHSA-2022:5776
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5776

reference_url	https://access.redhat.com/errata/RHSA-2022:5777
reference_id	RHSA-2022:5777
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5777

reference_url	https://access.redhat.com/errata/RHSA-2022:5778
reference_id	RHSA-2022:5778
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5778

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-36319

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mu7w-p8w8-hbfr

url VCID-nm7b-hwnd-eud6

vulnerability_id VCID-nm7b-hwnd-eud6

summary The rust regex crate did not properly prevent crafted regular expressions from taking an arbitrary amount of time during parsing. If an attacker was able to supply input to this crate, they could have caused a denial of service in the browser.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24713.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24713.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-24713

reference_id

reference_type

scores

value	0.10404
scoring_system	epss
scoring_elements	0.93348
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-24713

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289

reference_url

https://github.com/rust-lang/regex

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/rust-lang/regex

reference_url

https://github.com/rust-lang/regex/commit/ae70b41d4f46641dbc45c7a4f87954aea356283e

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/rust-lang/regex/commit/ae70b41d4f46641dbc45c7a4f87954aea356283e

reference_url

https://github.com/rust-lang/regex/security/advisories/GHSA-m5pq-gvj9-9vr8

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/rust-lang/regex/security/advisories/GHSA-m5pq-gvj9-9vr8

reference_url

https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw

reference_url

https://lists.debian.org/debian-lts-announce/2022/04/msg00003.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2022/04/msg00003.html

reference_url

https://lists.debian.org/debian-lts-announce/2022/04/msg00009.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2022/04/msg00009.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JANLZ3JXWJR7FSHE57K66UIZUIJZI67T

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JANLZ3JXWJR7FSHE57K66UIZUIJZI67T

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3YB7CURSG64CIPCDPNMGPE4UU24AB6H

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3YB7CURSG64CIPCDPNMGPE4UU24AB6H

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PDOWTHNVGBOP2HN27PUFIGRYNSNDTYRJ

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PDOWTHNVGBOP2HN27PUFIGRYNSNDTYRJ

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-24713

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-24713

reference_url

https://rustsec.org/advisories/RUSTSEC-2022-0013.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://rustsec.org/advisories/RUSTSEC-2022-0013.html

reference_url

https://security.gentoo.org/glsa/202208-08

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.gentoo.org/glsa/202208-08

reference_url

https://security.gentoo.org/glsa/202208-14

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.gentoo.org/glsa/202208-14

reference_url

https://www.debian.org/security/2022/dsa-5113

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.debian.org/security/2022/dsa-5113

reference_url

https://www.debian.org/security/2022/dsa-5118

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.debian.org/security/2022/dsa-5118

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1007176
reference_id	1007176
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1007176

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2072565
reference_id	2072565
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2072565

reference_url

reference_id

AVG-2711

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2712

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-13

reference_url

reference_id

mfsa2022-13

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-14

reference_id

mfsa2022-14

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-15

reference_id

mfsa2022-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-15

reference_url	https://access.redhat.com/errata/RHSA-2022:1283
reference_id	RHSA-2022:1283
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1283

reference_url	https://access.redhat.com/errata/RHSA-2022:1284
reference_id	RHSA-2022:1284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1284

reference_url	https://access.redhat.com/errata/RHSA-2022:1285
reference_id	RHSA-2022:1285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1285

reference_url	https://access.redhat.com/errata/RHSA-2022:1286
reference_id	RHSA-2022:1286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1286

reference_url	https://access.redhat.com/errata/RHSA-2022:1287
reference_id	RHSA-2022:1287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1287

reference_url	https://access.redhat.com/errata/RHSA-2022:1301
reference_id	RHSA-2022:1301
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1301

reference_url	https://access.redhat.com/errata/RHSA-2022:1302
reference_id	RHSA-2022:1302
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1302

reference_url	https://access.redhat.com/errata/RHSA-2022:1303
reference_id	RHSA-2022:1303
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1303

reference_url	https://access.redhat.com/errata/RHSA-2022:1305
reference_id	RHSA-2022:1305
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1305

reference_url	https://access.redhat.com/errata/RHSA-2022:1326
reference_id	RHSA-2022:1326
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1326

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-24713, GHSA-m5pq-gvj9-9vr8

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nm7b-hwnd-eud6

url VCID-nwsq-gzra-v3b4

vulnerability_id VCID-nwsq-gzra-v3b4

summary By using a link with rel="localization" a use-after-free could have been triggered by destroying an object during JavaScript execution and then referencing the object through a freed pointer, leading to a potential exploitable crash.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28282.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28282.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-28282

reference_id

reference_type

scores

value	0.08076
scoring_system	epss
scoring_elements	0.9229
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-28282

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2072562
reference_id	2072562
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2072562

reference_url

reference_id

AVG-2711

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2712

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-13

reference_url

reference_id

mfsa2022-13

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-14

reference_id

mfsa2022-14

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-15

reference_id

mfsa2022-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-15

reference_url	https://access.redhat.com/errata/RHSA-2022:1283
reference_id	RHSA-2022:1283
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1283

reference_url	https://access.redhat.com/errata/RHSA-2022:1284
reference_id	RHSA-2022:1284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1284

reference_url	https://access.redhat.com/errata/RHSA-2022:1285
reference_id	RHSA-2022:1285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1285

reference_url	https://access.redhat.com/errata/RHSA-2022:1286
reference_id	RHSA-2022:1286
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1286

reference_url	https://access.redhat.com/errata/RHSA-2022:1287
reference_id	RHSA-2022:1287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1287

reference_url	https://access.redhat.com/errata/RHSA-2022:1301
reference_id	RHSA-2022:1301
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1301

reference_url	https://access.redhat.com/errata/RHSA-2022:1302
reference_id	RHSA-2022:1302
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1302

reference_url	https://access.redhat.com/errata/RHSA-2022:1303
reference_id	RHSA-2022:1303
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1303

reference_url	https://access.redhat.com/errata/RHSA-2022:1305
reference_id	RHSA-2022:1305
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1305

reference_url	https://access.redhat.com/errata/RHSA-2022:1326
reference_id	RHSA-2022:1326
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1326

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-28282

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nwsq-gzra-v3b4

url VCID-qtp2-hmv8-xbd8

vulnerability_id VCID-qtp2-hmv8-xbd8

summary Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-36320

reference_id

reference_type

scores

value	0.00494
scoring_system	epss
scoring_elements	0.66091
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-36320

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-28

reference_id

mfsa2022-28

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-28

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-36320

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qtp2-hmv8-xbd8

url VCID-quej-mhus-dbgg

vulnerability_id VCID-quej-mhus-dbgg

summary The Performance API did not properly hide the fact whether a request cross-origin resource has observed redirects.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-29915

reference_id

reference_type

scores

value	0.00131
scoring_system	epss
scoring_elements	0.32209
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-29915

reference_url

reference_id

AVG-2709

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

reference_url

reference_id

mfsa2022-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-29915

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-quej-mhus-dbgg

url VCID-rdaw-zju9-2kbq

vulnerability_id VCID-rdaw-zju9-2kbq

summary Mozilla developers and community members Randell Jesup, Sebastian Hengst, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 98. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-28288

reference_id

reference_type

scores

value	0.00359
scoring_system	epss
scoring_elements	0.58382
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-28288

reference_url

reference_id

AVG-2711

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-13

reference_url

reference_id

mfsa2022-13

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-13

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-28288

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rdaw-zju9-2kbq

url VCID-s1bx-3697-jqeq

vulnerability_id VCID-s1bx-3697-jqeq

summary An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26381.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26381.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-26381

reference_id

reference_type

scores

value	0.0019
scoring_system	epss
scoring_elements	0.40645
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-26381

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2062223
reference_id	2062223
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2062223

reference_url

reference_id

AVG-2713

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2714

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-10

reference_url

reference_id

mfsa2022-10

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-10

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-11

reference_id

mfsa2022-11

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-11

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-12

reference_id

mfsa2022-12

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-12

reference_url	https://access.redhat.com/errata/RHSA-2022:0815
reference_id	RHSA-2022:0815
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0815

reference_url	https://access.redhat.com/errata/RHSA-2022:0816
reference_id	RHSA-2022:0816
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0816

reference_url	https://access.redhat.com/errata/RHSA-2022:0817
reference_id	RHSA-2022:0817
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0817

reference_url	https://access.redhat.com/errata/RHSA-2022:0818
reference_id	RHSA-2022:0818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0818

reference_url	https://access.redhat.com/errata/RHSA-2022:0824
reference_id	RHSA-2022:0824
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0824

reference_url	https://access.redhat.com/errata/RHSA-2022:0843
reference_id	RHSA-2022:0843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0843

reference_url	https://access.redhat.com/errata/RHSA-2022:0845
reference_id	RHSA-2022:0845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0845

reference_url	https://access.redhat.com/errata/RHSA-2022:0847
reference_id	RHSA-2022:0847
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0847

reference_url	https://access.redhat.com/errata/RHSA-2022:0850
reference_id	RHSA-2022:0850
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0850

reference_url	https://access.redhat.com/errata/RHSA-2022:0853
reference_id	RHSA-2022:0853
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0853

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-26381

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s1bx-3697-jqeq

url VCID-sze6-7w2j-5qgx

vulnerability_id VCID-sze6-7w2j-5qgx

summary Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29909.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29909.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-29909

reference_id

reference_type

scores

value	0.00268
scoring_system	epss
scoring_elements	0.50441
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-29909

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2081469
reference_id	2081469
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2081469

reference_url

reference_id

AVG-2709

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2710

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

reference_url

reference_id

mfsa2022-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-17

reference_id

mfsa2022-17

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-17

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-18

reference_id

mfsa2022-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-18

reference_url	https://access.redhat.com/errata/RHSA-2022:1701
reference_id	RHSA-2022:1701
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1701

reference_url	https://access.redhat.com/errata/RHSA-2022:1702
reference_id	RHSA-2022:1702
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1702

reference_url	https://access.redhat.com/errata/RHSA-2022:1703
reference_id	RHSA-2022:1703
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1703

reference_url	https://access.redhat.com/errata/RHSA-2022:1704
reference_id	RHSA-2022:1704
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1704

reference_url	https://access.redhat.com/errata/RHSA-2022:1705
reference_id	RHSA-2022:1705
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1705

reference_url	https://access.redhat.com/errata/RHSA-2022:1724
reference_id	RHSA-2022:1724
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1724

reference_url	https://access.redhat.com/errata/RHSA-2022:1725
reference_id	RHSA-2022:1725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1725

reference_url	https://access.redhat.com/errata/RHSA-2022:1726
reference_id	RHSA-2022:1726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1726

reference_url	https://access.redhat.com/errata/RHSA-2022:1727
reference_id	RHSA-2022:1727
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1727

reference_url	https://access.redhat.com/errata/RHSA-2022:1730
reference_id	RHSA-2022:1730
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1730

reference_url	https://access.redhat.com/errata/RHSA-2022:4589
reference_id	RHSA-2022:4589
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4589

reference_url	https://access.redhat.com/errata/RHSA-2022:4590
reference_id	RHSA-2022:4590
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4590

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-29909

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sze6-7w2j-5qgx

url VCID-t247-5378-u7ay

vulnerability_id VCID-t247-5378-u7ay

summary Mozilla developers Gabriele Svelto, Randell Jesup and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-29918

reference_id

reference_type

scores

value	0.00359
scoring_system	epss
scoring_elements	0.58382
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-29918

reference_url

reference_id

AVG-2709

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

reference_url

reference_id

mfsa2022-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-29918

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t247-5378-u7ay

url VCID-t8a2-18zb-7kde

vulnerability_id VCID-t8a2-18zb-7kde

summary When using the Performance API, an attacker was able to notice subtle differences between PerformanceEntries and thus learn whether the target URL had been subject to a redirect.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-36316

reference_id

reference_type

scores

value	0.0026
scoring_system	epss
scoring_elements	0.49594
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-36316

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-28

reference_id

mfsa2022-28

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-28

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-36316

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t8a2-18zb-7kde

url VCID-u2rj-qhkw-uqgf

vulnerability_id VCID-u2rj-qhkw-uqgf

summary A malicious website that could create a popup could have resized the popup to overlay the address bar with its own content, resulting in potential user confusion or spoofing attacks. *This bug only affects Firefox for Linux. Other operating systems are unaffected.*

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34479.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34479.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-34479

reference_id

reference_type

scores

value	0.00474
scoring_system	epss
scoring_elements	0.65105
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-34479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2102161
reference_id	2102161
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2102161

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_id

mfsa2022-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_id

mfsa2022-25

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_id

mfsa2022-26

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_url	https://access.redhat.com/errata/RHSA-2022:5469
reference_id	RHSA-2022:5469
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5469

reference_url	https://access.redhat.com/errata/RHSA-2022:5470
reference_id	RHSA-2022:5470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5470

reference_url	https://access.redhat.com/errata/RHSA-2022:5472
reference_id	RHSA-2022:5472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5472

reference_url	https://access.redhat.com/errata/RHSA-2022:5473
reference_id	RHSA-2022:5473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5473

reference_url	https://access.redhat.com/errata/RHSA-2022:5474
reference_id	RHSA-2022:5474
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5474

reference_url	https://access.redhat.com/errata/RHSA-2022:5475
reference_id	RHSA-2022:5475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5475

reference_url	https://access.redhat.com/errata/RHSA-2022:5477
reference_id	RHSA-2022:5477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5477

reference_url	https://access.redhat.com/errata/RHSA-2022:5478
reference_id	RHSA-2022:5478
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5478

reference_url	https://access.redhat.com/errata/RHSA-2022:5479
reference_id	RHSA-2022:5479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5479

reference_url	https://access.redhat.com/errata/RHSA-2022:5480
reference_id	RHSA-2022:5480
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5480

reference_url	https://access.redhat.com/errata/RHSA-2022:5481
reference_id	RHSA-2022:5481
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5481

reference_url	https://access.redhat.com/errata/RHSA-2022:5482
reference_id	RHSA-2022:5482
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5482

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-34479

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u2rj-qhkw-uqgf

url VCID-vbs8-en1z-wkha

vulnerability_id VCID-vbs8-en1z-wkha

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-34483

reference_id

reference_type

scores

value	0.00355
scoring_system	epss
scoring_elements	0.58072
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-34483

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_id

mfsa2022-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-34483

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vbs8-en1z-wkha

url VCID-vbwy-936q-27fd

vulnerability_id VCID-vbwy-936q-27fd

summary When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26383.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26383.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-26383

reference_id

reference_type

scores

value	0.00645
scoring_system	epss
scoring_elements	0.71084
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-26383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2062220
reference_id	2062220
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2062220

reference_url

reference_id

AVG-2713

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2714

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-10

reference_url

reference_id

mfsa2022-10

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-10

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-11

reference_id

mfsa2022-11

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-11

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-12

reference_id

mfsa2022-12

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-12

reference_url	https://access.redhat.com/errata/RHSA-2022:0815
reference_id	RHSA-2022:0815
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0815

reference_url	https://access.redhat.com/errata/RHSA-2022:0816
reference_id	RHSA-2022:0816
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0816

reference_url	https://access.redhat.com/errata/RHSA-2022:0817
reference_id	RHSA-2022:0817
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0817

reference_url	https://access.redhat.com/errata/RHSA-2022:0818
reference_id	RHSA-2022:0818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0818

reference_url	https://access.redhat.com/errata/RHSA-2022:0824
reference_id	RHSA-2022:0824
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0824

reference_url	https://access.redhat.com/errata/RHSA-2022:0843
reference_id	RHSA-2022:0843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0843

reference_url	https://access.redhat.com/errata/RHSA-2022:0845
reference_id	RHSA-2022:0845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0845

reference_url	https://access.redhat.com/errata/RHSA-2022:0847
reference_id	RHSA-2022:0847
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0847

reference_url	https://access.redhat.com/errata/RHSA-2022:0850
reference_id	RHSA-2022:0850
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0850

reference_url	https://access.redhat.com/errata/RHSA-2022:0853
reference_id	RHSA-2022:0853
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0853

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-26383

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vbwy-936q-27fd

url VCID-vgjr-7typ-j7dm

vulnerability_id VCID-vgjr-7typ-j7dm

summary An iframe that was not permitted to run scripts could do so if the user clicked on a javascript: link.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34468.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34468.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-34468

reference_id

reference_type

scores

value	0.00523
scoring_system	epss
scoring_elements	0.67269
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-34468

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2102163
reference_id	2102163
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2102163

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_id

mfsa2022-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_id

mfsa2022-25

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_id

mfsa2022-26

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_url	https://access.redhat.com/errata/RHSA-2022:5469
reference_id	RHSA-2022:5469
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5469

reference_url	https://access.redhat.com/errata/RHSA-2022:5470
reference_id	RHSA-2022:5470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5470

reference_url	https://access.redhat.com/errata/RHSA-2022:5472
reference_id	RHSA-2022:5472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5472

reference_url	https://access.redhat.com/errata/RHSA-2022:5473
reference_id	RHSA-2022:5473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5473

reference_url	https://access.redhat.com/errata/RHSA-2022:5474
reference_id	RHSA-2022:5474
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5474

reference_url	https://access.redhat.com/errata/RHSA-2022:5475
reference_id	RHSA-2022:5475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5475

reference_url	https://access.redhat.com/errata/RHSA-2022:5477
reference_id	RHSA-2022:5477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5477

reference_url	https://access.redhat.com/errata/RHSA-2022:5478
reference_id	RHSA-2022:5478
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5478

reference_url	https://access.redhat.com/errata/RHSA-2022:5479
reference_id	RHSA-2022:5479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5479

reference_url	https://access.redhat.com/errata/RHSA-2022:5480
reference_id	RHSA-2022:5480
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5480

reference_url	https://access.redhat.com/errata/RHSA-2022:5481
reference_id	RHSA-2022:5481
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5481

reference_url	https://access.redhat.com/errata/RHSA-2022:5482
reference_id	RHSA-2022:5482
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5482

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-34468

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vgjr-7typ-j7dm

url VCID-vkmr-zg7z-9qay

vulnerability_id VCID-vkmr-zg7z-9qay

summary In unusual circumstances, an individual thread may outlive the thread's manager during shutdown. This could have led to a use-after-free causing a potentially exploitable crash.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-26385

reference_id

reference_type

scores

value	0.00235
scoring_system	epss
scoring_elements	0.46585
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-26385

reference_url

reference_id

AVG-2714

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-10

reference_url

reference_id

mfsa2022-10

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-10

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-26385

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vkmr-zg7z-9qay

url VCID-xmur-uvzd-eygy

vulnerability_id VCID-xmur-uvzd-eygy

summary If array shift operations are not used, the Garbage Collector may have become confused about valid objects.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-31745

reference_id

reference_type

scores

value	0.00139
scoring_system	epss
scoring_elements	0.33684
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-31745

reference_url

reference_id

AVG-2760

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-20

reference_url

reference_id

mfsa2022-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-20

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-31745

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xmur-uvzd-eygy

url VCID-xv8k-7bdk-wffg

vulnerability_id VCID-xv8k-7bdk-wffg

summary On arm64, WASM code could have resulted in incorrect assembly generation leading to a register allocation problem, and a potentially exploitable crash.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31740.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31740.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-31740

reference_id

reference_type

scores

value	0.00408
scoring_system	epss
scoring_elements	0.61498
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-31740

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2092023
reference_id	2092023
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2092023

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-20

reference_id

mfsa2022-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-20

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-21

reference_id

mfsa2022-21

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-21

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-22

reference_id

mfsa2022-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-22

reference_url	https://access.redhat.com/errata/RHSA-2022:4870
reference_id	RHSA-2022:4870
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4870

reference_url	https://access.redhat.com/errata/RHSA-2022:4871
reference_id	RHSA-2022:4871
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4871

reference_url	https://access.redhat.com/errata/RHSA-2022:4872
reference_id	RHSA-2022:4872
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4872

reference_url	https://access.redhat.com/errata/RHSA-2022:4873
reference_id	RHSA-2022:4873
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4873

reference_url	https://access.redhat.com/errata/RHSA-2022:4875
reference_id	RHSA-2022:4875
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4875

reference_url	https://access.redhat.com/errata/RHSA-2022:4876
reference_id	RHSA-2022:4876
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4876

reference_url	https://access.redhat.com/errata/RHSA-2022:4887
reference_id	RHSA-2022:4887
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4887

reference_url	https://access.redhat.com/errata/RHSA-2022:4888
reference_id	RHSA-2022:4888
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4888

reference_url	https://access.redhat.com/errata/RHSA-2022:4889
reference_id	RHSA-2022:4889
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4889

reference_url	https://access.redhat.com/errata/RHSA-2022:4890
reference_id	RHSA-2022:4890
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4890

reference_url	https://access.redhat.com/errata/RHSA-2022:4891
reference_id	RHSA-2022:4891
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4891

reference_url	https://access.redhat.com/errata/RHSA-2022:4892
reference_id	RHSA-2022:4892
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4892

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-31740

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xv8k-7bdk-wffg

url VCID-xvex-e28y-yfh4

vulnerability_id VCID-xvex-e28y-yfh4

summary Even when an iframe was sandboxed with allow-top-navigation-by-user-activation, if it received a redirect header to an external protocol the browser would process the redirect and prompt the user as appropriate.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-34474

reference_id

reference_type

scores

value	0.00148
scoring_system	epss
scoring_elements	0.34893
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-34474

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_id

mfsa2022-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

fixed_packages

url	pkg:ebuild/www-client/firefox@91.12.0
purl	pkg:ebuild/www-client/firefox@91.12.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0

url	pkg:ebuild/www-client/firefox@103.0
purl	pkg:ebuild/www-client/firefox@103.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0

aliases CVE-2022-34474

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xvex-e28y-yfh4

url VCID-yphf-nte6-8qd6

vulnerability_id VCID-yphf-nte6-8qd6

summary An attacker could have caused an uninitialized variable on the stack to be mistakenly freed, causing a potentially exploitable crash.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-1919

reference_id

reference_type

scores

value	0.00655
scoring_system	epss
scoring_elements	0.7133
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-1919

reference_url

reference_id

AVG-2760

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url