Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:alpm/archlinux/firefox@100.0-1

Type alpm

Namespace archlinux

Name firefox

Version 100.0-1

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version 101.0-1

Latest_non_vulnerable_version 101.0-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-38br-a5x4-ska5

vulnerability_id VCID-38br-a5x4-ska5

summary Firefox behaved slightly differently for already known resources when loading CSS resources involving CSS variables. This could have been used to probe the browser history.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29916.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29916.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-29916

reference_id

reference_type

scores

value	0.00244
scoring_system	epss
scoring_elements	0.47897
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-29916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2081470
reference_id	2081470
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2081470

reference_url

https://security.archlinux.org/AVG-2709

reference_id

AVG-2709

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2709

reference_url

https://security.archlinux.org/AVG-2710

reference_id

AVG-2710

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2710

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

reference_id

mfsa2022-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-17

reference_id

mfsa2022-17

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-17

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-18

reference_id

mfsa2022-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-18

reference_url	https://access.redhat.com/errata/RHSA-2022:1701
reference_id	RHSA-2022:1701
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1701

reference_url	https://access.redhat.com/errata/RHSA-2022:1702
reference_id	RHSA-2022:1702
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1702

reference_url	https://access.redhat.com/errata/RHSA-2022:1703
reference_id	RHSA-2022:1703
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1703

reference_url	https://access.redhat.com/errata/RHSA-2022:1704
reference_id	RHSA-2022:1704
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1704

reference_url	https://access.redhat.com/errata/RHSA-2022:1705
reference_id	RHSA-2022:1705
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1705

reference_url	https://access.redhat.com/errata/RHSA-2022:1724
reference_id	RHSA-2022:1724
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1724

reference_url	https://access.redhat.com/errata/RHSA-2022:1725
reference_id	RHSA-2022:1725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1725

reference_url	https://access.redhat.com/errata/RHSA-2022:1726
reference_id	RHSA-2022:1726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1726

reference_url	https://access.redhat.com/errata/RHSA-2022:1727
reference_id	RHSA-2022:1727
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1727

reference_url	https://access.redhat.com/errata/RHSA-2022:1730
reference_id	RHSA-2022:1730
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1730

reference_url	https://access.redhat.com/errata/RHSA-2022:4589
reference_id	RHSA-2022:4589
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4589

reference_url	https://access.redhat.com/errata/RHSA-2022:4590
reference_id	RHSA-2022:4590
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4590

fixed_packages

url	pkg:alpm/archlinux/firefox@100.0-1
purl	pkg:alpm/archlinux/firefox@100.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@100.0-1

aliases CVE-2022-29916

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-38br-a5x4-ska5

url VCID-4xhj-hee5-9qes

vulnerability_id VCID-4xhj-hee5-9qes

summary An improper implementation of the new iframe sandbox keyword allow-top-navigation-by-user-activation could lead to script execution without allow-scripts being present.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29911.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29911.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-29911

reference_id

reference_type

scores

value	0.00317
scoring_system	epss
scoring_elements	0.55046
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-29911

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2081471
reference_id	2081471
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2081471

reference_url

https://security.archlinux.org/AVG-2709

reference_id

AVG-2709

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2709

reference_url

https://security.archlinux.org/AVG-2710

reference_id

AVG-2710

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2710

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

reference_id

mfsa2022-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-17

reference_id

mfsa2022-17

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-17

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-18

reference_id

mfsa2022-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-18

reference_url	https://access.redhat.com/errata/RHSA-2022:1701
reference_id	RHSA-2022:1701
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1701

reference_url	https://access.redhat.com/errata/RHSA-2022:1702
reference_id	RHSA-2022:1702
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1702

reference_url	https://access.redhat.com/errata/RHSA-2022:1703
reference_id	RHSA-2022:1703
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1703

reference_url	https://access.redhat.com/errata/RHSA-2022:1704
reference_id	RHSA-2022:1704
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1704

reference_url	https://access.redhat.com/errata/RHSA-2022:1705
reference_id	RHSA-2022:1705
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1705

reference_url	https://access.redhat.com/errata/RHSA-2022:1724
reference_id	RHSA-2022:1724
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1724

reference_url	https://access.redhat.com/errata/RHSA-2022:1725
reference_id	RHSA-2022:1725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1725

reference_url	https://access.redhat.com/errata/RHSA-2022:1726
reference_id	RHSA-2022:1726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1726

reference_url	https://access.redhat.com/errata/RHSA-2022:1727
reference_id	RHSA-2022:1727
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1727

reference_url	https://access.redhat.com/errata/RHSA-2022:1730
reference_id	RHSA-2022:1730
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1730

reference_url	https://access.redhat.com/errata/RHSA-2022:4589
reference_id	RHSA-2022:4589
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4589

reference_url	https://access.redhat.com/errata/RHSA-2022:4590
reference_id	RHSA-2022:4590
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4590

fixed_packages

url	pkg:alpm/archlinux/firefox@100.0-1
purl	pkg:alpm/archlinux/firefox@100.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@100.0-1

aliases CVE-2022-29911

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4xhj-hee5-9qes

url VCID-f31y-6u4c-t3a9

vulnerability_id VCID-f31y-6u4c-t3a9

summary Requests initiated through reader mode did not properly omit cookies with a SameSite attribute.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29912.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29912.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-29912

reference_id

reference_type

scores

value	0.0042
scoring_system	epss
scoring_elements	0.62281
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-29912

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2081472
reference_id	2081472
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2081472

reference_url

https://security.archlinux.org/AVG-2709

reference_id

AVG-2709

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2709

reference_url

https://security.archlinux.org/AVG-2710

reference_id

AVG-2710

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2710

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

reference_id

mfsa2022-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-17

reference_id

mfsa2022-17

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-17

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-18

reference_id

mfsa2022-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-18

reference_url	https://access.redhat.com/errata/RHSA-2022:1701
reference_id	RHSA-2022:1701
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1701

reference_url	https://access.redhat.com/errata/RHSA-2022:1702
reference_id	RHSA-2022:1702
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1702

reference_url	https://access.redhat.com/errata/RHSA-2022:1703
reference_id	RHSA-2022:1703
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1703

reference_url	https://access.redhat.com/errata/RHSA-2022:1704
reference_id	RHSA-2022:1704
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1704

reference_url	https://access.redhat.com/errata/RHSA-2022:1705
reference_id	RHSA-2022:1705
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1705

reference_url	https://access.redhat.com/errata/RHSA-2022:1724
reference_id	RHSA-2022:1724
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1724

reference_url	https://access.redhat.com/errata/RHSA-2022:1725
reference_id	RHSA-2022:1725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1725

reference_url	https://access.redhat.com/errata/RHSA-2022:1726
reference_id	RHSA-2022:1726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1726

reference_url	https://access.redhat.com/errata/RHSA-2022:1727
reference_id	RHSA-2022:1727
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1727

reference_url	https://access.redhat.com/errata/RHSA-2022:1730
reference_id	RHSA-2022:1730
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1730

reference_url	https://access.redhat.com/errata/RHSA-2022:4589
reference_id	RHSA-2022:4589
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4589

reference_url	https://access.redhat.com/errata/RHSA-2022:4590
reference_id	RHSA-2022:4590
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4590

fixed_packages

url	pkg:alpm/archlinux/firefox@100.0-1
purl	pkg:alpm/archlinux/firefox@100.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@100.0-1

aliases CVE-2022-29912

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f31y-6u4c-t3a9

url VCID-jf7m-tfa7-rkf1

vulnerability_id VCID-jf7m-tfa7-rkf1

summary Mozilla developers Andrew McCreight, Gabriele Svelto, Tom Ritter and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99 and Firefox ESR 91.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29917.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29917.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-29917

reference_id

reference_type

scores

value	0.00344
scoring_system	epss
scoring_elements	0.57277
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-29917

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2081473
reference_id	2081473
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2081473

reference_url

https://security.archlinux.org/AVG-2709

reference_id

AVG-2709

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2709

reference_url

https://security.archlinux.org/AVG-2710

reference_id

AVG-2710

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2710

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

reference_id

mfsa2022-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-17

reference_id

mfsa2022-17

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-17

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-18

reference_id

mfsa2022-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-18

reference_url	https://access.redhat.com/errata/RHSA-2022:1701
reference_id	RHSA-2022:1701
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1701

reference_url	https://access.redhat.com/errata/RHSA-2022:1702
reference_id	RHSA-2022:1702
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1702

reference_url	https://access.redhat.com/errata/RHSA-2022:1703
reference_id	RHSA-2022:1703
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1703

reference_url	https://access.redhat.com/errata/RHSA-2022:1704
reference_id	RHSA-2022:1704
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1704

reference_url	https://access.redhat.com/errata/RHSA-2022:1705
reference_id	RHSA-2022:1705
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1705

reference_url	https://access.redhat.com/errata/RHSA-2022:1724
reference_id	RHSA-2022:1724
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1724

reference_url	https://access.redhat.com/errata/RHSA-2022:1725
reference_id	RHSA-2022:1725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1725

reference_url	https://access.redhat.com/errata/RHSA-2022:1726
reference_id	RHSA-2022:1726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1726

reference_url	https://access.redhat.com/errata/RHSA-2022:1727
reference_id	RHSA-2022:1727
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1727

reference_url	https://access.redhat.com/errata/RHSA-2022:1730
reference_id	RHSA-2022:1730
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1730

reference_url	https://access.redhat.com/errata/RHSA-2022:4589
reference_id	RHSA-2022:4589
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4589

reference_url	https://access.redhat.com/errata/RHSA-2022:4590
reference_id	RHSA-2022:4590
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4590

fixed_packages

url	pkg:alpm/archlinux/firefox@100.0-1
purl	pkg:alpm/archlinux/firefox@100.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@100.0-1

aliases CVE-2022-29917

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jf7m-tfa7-rkf1

url VCID-mdqf-k97m-h3hx

vulnerability_id VCID-mdqf-k97m-h3hx

summary When reusing existing popups Firefox would have allowed them to cover the fullscreen notification UI, which could have enabled browser spoofing attacks.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29914.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29914.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-29914

reference_id

reference_type

scores

value	0.00239
scoring_system	epss
scoring_elements	0.47096
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-29914

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2081468
reference_id	2081468
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2081468

reference_url

https://security.archlinux.org/AVG-2709

reference_id

AVG-2709

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2709

reference_url

https://security.archlinux.org/AVG-2710

reference_id

AVG-2710

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2710

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

reference_id

mfsa2022-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-17

reference_id

mfsa2022-17

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-17

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-18

reference_id

mfsa2022-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-18

reference_url	https://access.redhat.com/errata/RHSA-2022:1701
reference_id	RHSA-2022:1701
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1701

reference_url	https://access.redhat.com/errata/RHSA-2022:1702
reference_id	RHSA-2022:1702
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1702

reference_url	https://access.redhat.com/errata/RHSA-2022:1703
reference_id	RHSA-2022:1703
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1703

reference_url	https://access.redhat.com/errata/RHSA-2022:1704
reference_id	RHSA-2022:1704
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1704

reference_url	https://access.redhat.com/errata/RHSA-2022:1705
reference_id	RHSA-2022:1705
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1705

reference_url	https://access.redhat.com/errata/RHSA-2022:1724
reference_id	RHSA-2022:1724
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1724

reference_url	https://access.redhat.com/errata/RHSA-2022:1725
reference_id	RHSA-2022:1725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1725

reference_url	https://access.redhat.com/errata/RHSA-2022:1726
reference_id	RHSA-2022:1726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1726

reference_url	https://access.redhat.com/errata/RHSA-2022:1727
reference_id	RHSA-2022:1727
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1727

reference_url	https://access.redhat.com/errata/RHSA-2022:1730
reference_id	RHSA-2022:1730
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1730

reference_url	https://access.redhat.com/errata/RHSA-2022:4589
reference_id	RHSA-2022:4589
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4589

reference_url	https://access.redhat.com/errata/RHSA-2022:4590
reference_id	RHSA-2022:4590
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4590

fixed_packages

url	pkg:alpm/archlinux/firefox@100.0-1
purl	pkg:alpm/archlinux/firefox@100.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@100.0-1

aliases CVE-2022-29914

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mdqf-k97m-h3hx

url VCID-quej-mhus-dbgg

vulnerability_id VCID-quej-mhus-dbgg

summary The Performance API did not properly hide the fact whether a request cross-origin resource has observed redirects.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-29915

reference_id

reference_type

scores

value	0.00131
scoring_system	epss
scoring_elements	0.32209
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-29915

reference_url

https://security.archlinux.org/AVG-2709

reference_id

AVG-2709

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2709

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

reference_id

mfsa2022-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

fixed_packages

url	pkg:alpm/archlinux/firefox@100.0-1
purl	pkg:alpm/archlinux/firefox@100.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@100.0-1

aliases CVE-2022-29915

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-quej-mhus-dbgg

url VCID-sze6-7w2j-5qgx

vulnerability_id VCID-sze6-7w2j-5qgx

summary Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29909.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29909.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-29909

reference_id

reference_type

scores

value	0.00268
scoring_system	epss
scoring_elements	0.50441
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-29909

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2081469
reference_id	2081469
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2081469

reference_url

https://security.archlinux.org/AVG-2709

reference_id

AVG-2709

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2709

reference_url

https://security.archlinux.org/AVG-2710

reference_id

AVG-2710

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2710

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

reference_id

mfsa2022-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-17

reference_id

mfsa2022-17

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-17

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-18

reference_id

mfsa2022-18

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-18

reference_url	https://access.redhat.com/errata/RHSA-2022:1701
reference_id	RHSA-2022:1701
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1701

reference_url	https://access.redhat.com/errata/RHSA-2022:1702
reference_id	RHSA-2022:1702
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1702

reference_url	https://access.redhat.com/errata/RHSA-2022:1703
reference_id	RHSA-2022:1703
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1703

reference_url	https://access.redhat.com/errata/RHSA-2022:1704
reference_id	RHSA-2022:1704
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1704

reference_url	https://access.redhat.com/errata/RHSA-2022:1705
reference_id	RHSA-2022:1705
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1705

reference_url	https://access.redhat.com/errata/RHSA-2022:1724
reference_id	RHSA-2022:1724
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1724

reference_url	https://access.redhat.com/errata/RHSA-2022:1725
reference_id	RHSA-2022:1725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1725

reference_url	https://access.redhat.com/errata/RHSA-2022:1726
reference_id	RHSA-2022:1726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1726

reference_url	https://access.redhat.com/errata/RHSA-2022:1727
reference_id	RHSA-2022:1727
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1727

reference_url	https://access.redhat.com/errata/RHSA-2022:1730
reference_id	RHSA-2022:1730
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1730

reference_url	https://access.redhat.com/errata/RHSA-2022:4589
reference_id	RHSA-2022:4589
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4589

reference_url	https://access.redhat.com/errata/RHSA-2022:4590
reference_id	RHSA-2022:4590
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4590

fixed_packages

url	pkg:alpm/archlinux/firefox@100.0-1
purl	pkg:alpm/archlinux/firefox@100.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@100.0-1

aliases CVE-2022-29909

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sze6-7w2j-5qgx

url VCID-t247-5378-u7ay

vulnerability_id VCID-t247-5378-u7ay

summary Mozilla developers Gabriele Svelto, Randell Jesup and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-29918

reference_id

reference_type

scores

value	0.00359
scoring_system	epss
scoring_elements	0.58382
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-29918

reference_url

https://security.archlinux.org/AVG-2709

reference_id

AVG-2709

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2709

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

reference_id

mfsa2022-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-16

fixed_packages

url	pkg:alpm/archlinux/firefox@100.0-1
purl	pkg:alpm/archlinux/firefox@100.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@100.0-1

aliases CVE-2022-29918

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t247-5378-u7ay

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@100.0-1

Package Instance