Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/339072?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/339072?format=api", "purl": "pkg:rpm/redhat/thunderbird@102.4.0-1?arch=el8_2", "type": "rpm", "namespace": "redhat", "name": "thunderbird", "version": "102.4.0-1", "qualifiers": { "arch": "el8_2" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12521?format=api", "vulnerability_id": "VCID-2bgs-yyth-8qem", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42927.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42927.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42927", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35709", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35725", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35706", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35526", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42928" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42932" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136156", "reference_id": "2136156", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136156" }, { "reference_url": "https://security.gentoo.org/glsa/202210-34", "reference_id": "GLSA-202210-34", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-44", "reference_id": "mfsa2022-44", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-44/", "reference_id": "mfsa2022-44", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T15:45:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-44/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-45", "reference_id": "mfsa2022-45", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-45" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-45/", "reference_id": "mfsa2022-45", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T15:45:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-45/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-46", "reference_id": "mfsa2022-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-46/", "reference_id": "mfsa2022-46", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T15:45:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-46/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7066", "reference_id": "RHSA-2022:7066", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7066" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7068", "reference_id": "RHSA-2022:7068", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7068" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7069", "reference_id": "RHSA-2022:7069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7070", "reference_id": "RHSA-2022:7070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7071", "reference_id": "RHSA-2022:7071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7071" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7072", "reference_id": "RHSA-2022:7072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7178", "reference_id": "RHSA-2022:7178", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7178" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7181", "reference_id": "RHSA-2022:7181", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7181" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7182", "reference_id": "RHSA-2022:7182", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7182" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7183", "reference_id": "RHSA-2022:7183", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7183" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7184", "reference_id": "RHSA-2022:7184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7190", "reference_id": "RHSA-2022:7190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7190" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1789128", "reference_id": "show_bug.cgi?id=1789128", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T15:45:37Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1789128" }, { "reference_url": "https://usn.ubuntu.com/5709-1/", "reference_id": "USN-5709-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5709-1/" }, { "reference_url": "https://usn.ubuntu.com/5724-1/", "reference_id": "USN-5724-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5724-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2022-42927" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2bgs-yyth-8qem" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12523?format=api", "vulnerability_id": "VCID-2e99-bd8s-2qeq", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42929.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42929.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42929", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.4486", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44873", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44857", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44706", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42928" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42932" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136158", "reference_id": "2136158", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136158" }, { "reference_url": "https://security.gentoo.org/glsa/202210-34", "reference_id": "GLSA-202210-34", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-44", "reference_id": "mfsa2022-44", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-44/", "reference_id": "mfsa2022-44", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:32:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-44/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-45", "reference_id": "mfsa2022-45", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-45" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-45/", "reference_id": "mfsa2022-45", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:32:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-45/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-46", "reference_id": "mfsa2022-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-46/", "reference_id": "mfsa2022-46", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:32:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-46/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7066", "reference_id": "RHSA-2022:7066", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7066" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7068", "reference_id": "RHSA-2022:7068", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7068" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7069", "reference_id": "RHSA-2022:7069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7070", "reference_id": "RHSA-2022:7070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7071", "reference_id": "RHSA-2022:7071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7071" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7072", "reference_id": "RHSA-2022:7072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7178", "reference_id": "RHSA-2022:7178", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7178" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7181", "reference_id": "RHSA-2022:7181", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7181" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7182", "reference_id": "RHSA-2022:7182", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7182" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7183", "reference_id": "RHSA-2022:7183", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7183" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7184", "reference_id": "RHSA-2022:7184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7190", "reference_id": "RHSA-2022:7190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7190" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1789439", "reference_id": "show_bug.cgi?id=1789439", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:32:51Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1789439" }, { "reference_url": "https://usn.ubuntu.com/5709-1/", "reference_id": "USN-5709-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5709-1/" }, { "reference_url": "https://usn.ubuntu.com/5724-1/", "reference_id": "USN-5724-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5724-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2022-42929" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2e99-bd8s-2qeq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12525?format=api", "vulnerability_id": "VCID-7p2r-knbm-hyen", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42932.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42932.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42932", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49685", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49698", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49542", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49679", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42928" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42932" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136159", "reference_id": "2136159", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136159" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1789729%2C1791363%2C1792041", "reference_id": "buglist.cgi?bug_id=1789729%2C1791363%2C1792041", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:20:16Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1789729%2C1791363%2C1792041" }, { "reference_url": "https://security.gentoo.org/glsa/202210-34", "reference_id": "GLSA-202210-34", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-44", "reference_id": "mfsa2022-44", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-44/", "reference_id": "mfsa2022-44", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:20:16Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-44/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-45", "reference_id": "mfsa2022-45", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-45" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-45/", "reference_id": "mfsa2022-45", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:20:16Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-45/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-46", "reference_id": "mfsa2022-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-46/", "reference_id": "mfsa2022-46", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:20:16Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-46/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7066", "reference_id": "RHSA-2022:7066", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7066" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7068", "reference_id": "RHSA-2022:7068", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7068" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7069", "reference_id": "RHSA-2022:7069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7070", "reference_id": "RHSA-2022:7070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7071", "reference_id": "RHSA-2022:7071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7071" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7072", "reference_id": "RHSA-2022:7072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7178", "reference_id": "RHSA-2022:7178", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7178" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7181", "reference_id": "RHSA-2022:7181", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7181" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7182", "reference_id": "RHSA-2022:7182", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7182" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7183", "reference_id": "RHSA-2022:7183", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7183" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7184", "reference_id": "RHSA-2022:7184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7190", "reference_id": "RHSA-2022:7190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7190" }, { "reference_url": "https://usn.ubuntu.com/5709-1/", "reference_id": "USN-5709-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5709-1/" }, { "reference_url": "https://usn.ubuntu.com/5724-1/", "reference_id": "USN-5724-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5724-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2022-42932" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7p2r-knbm-hyen" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12334?format=api", "vulnerability_id": "VCID-gcc4-2cdp-8qb5", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39251.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39251.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-39251", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51677", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.5155", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51681", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51692", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-39251" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39251", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39251" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/matrix-org/matrix-js-sdk", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/matrix-org/matrix-js-sdk" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021136", "reference_id": "1021136", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021136" }, { "reference_url": "https://security.gentoo.org/glsa/202210-35", "reference_id": "202210-35", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:51:00Z/" } ], "url": "https://security.gentoo.org/glsa/202210-35" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135396", "reference_id": "2135396", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135396" }, { "reference_url": "https://github.com/matrix-org/matrix-js-sdk/commit/a587d7c36026fe1fcf93dfff63588abee359be76", "reference_id": "a587d7c36026fe1fcf93dfff63588abee359be76", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:51:00Z/" } ], "url": "https://github.com/matrix-org/matrix-js-sdk/commit/a587d7c36026fe1fcf93dfff63588abee359be76" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39251", "reference_id": "CVE-2022-39251", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39251" }, { "reference_url": "https://github.com/advisories/GHSA-r48r-j8fx-mq2c", "reference_id": "GHSA-r48r-j8fx-mq2c", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r48r-j8fx-mq2c" }, { "reference_url": "https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-r48r-j8fx-mq2c", "reference_id": "GHSA-r48r-j8fx-mq2c", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:51:00Z/" } ], "url": "https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-r48r-j8fx-mq2c" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-43", "reference_id": "mfsa2022-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-43" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7178", "reference_id": "RHSA-2022:7178", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7178" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7181", "reference_id": "RHSA-2022:7181", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7181" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7182", "reference_id": "RHSA-2022:7182", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7182" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7183", "reference_id": "RHSA-2022:7183", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7183" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7184", "reference_id": "RHSA-2022:7184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7190", "reference_id": "RHSA-2022:7190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7190" }, { "reference_url": "https://matrix.org/blog/2022/09/28/upgrade-now-to-address-encryption-vulns-in-matrix-sdks-and-clients", "reference_id": "upgrade-now-to-address-encryption-vulns-in-matrix-sdks-and-clients", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:51:00Z/" } ], "url": "https://matrix.org/blog/2022/09/28/upgrade-now-to-address-encryption-vulns-in-matrix-sdks-and-clients" }, { "reference_url": "https://usn.ubuntu.com/5724-1/", "reference_id": "USN-5724-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5724-1/" }, { "reference_url": "https://github.com/matrix-org/matrix-js-sdk/releases/tag/v19.7.0", "reference_id": "v19.7.0", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:51:00Z/" } ], "url": "https://github.com/matrix-org/matrix-js-sdk/releases/tag/v19.7.0" } ], "fixed_packages": [], "aliases": [ "CVE-2022-39251", "GHSA-r48r-j8fx-mq2c" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gcc4-2cdp-8qb5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12332?format=api", "vulnerability_id": "VCID-gcna-2gfa-bqdc", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39249.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39249.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-39249", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00477", "scoring_system": "epss", "scoring_elements": "0.65517", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00477", "scoring_system": "epss", "scoring_elements": "0.65408", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00477", "scoring_system": "epss", "scoring_elements": "0.65508", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00477", "scoring_system": "epss", "scoring_elements": "0.65519", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-39249" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39249", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39249" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/matrix-org/matrix-js-sdk", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/matrix-org/matrix-js-sdk" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021136", "reference_id": "1021136", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021136" }, { "reference_url": "https://security.gentoo.org/glsa/202210-35", "reference_id": "202210-35", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:51:04Z/" } ], "url": "https://security.gentoo.org/glsa/202210-35" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135393", "reference_id": "2135393", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135393" }, { "reference_url": "https://github.com/matrix-org/matrix-spec-proposals/pull/3061", "reference_id": "3061", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:51:04Z/" } ], "url": "https://github.com/matrix-org/matrix-spec-proposals/pull/3061" }, { "reference_url": "https://github.com/matrix-org/matrix-js-sdk/commit/a587d7c36026fe1fcf93dfff63588abee359be76", "reference_id": "a587d7c36026fe1fcf93dfff63588abee359be76", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:51:04Z/" } ], "url": "https://github.com/matrix-org/matrix-js-sdk/commit/a587d7c36026fe1fcf93dfff63588abee359be76" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39249", "reference_id": "CVE-2022-39249", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39249" }, { "reference_url": "https://github.com/advisories/GHSA-6263-x97c-c4gg", "reference_id": "GHSA-6263-x97c-c4gg", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6263-x97c-c4gg" }, { "reference_url": "https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-6263-x97c-c4gg", "reference_id": "GHSA-6263-x97c-c4gg", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:51:04Z/" } ], "url": "https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-6263-x97c-c4gg" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-43", "reference_id": "mfsa2022-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-43" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7178", "reference_id": "RHSA-2022:7178", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7178" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7181", "reference_id": "RHSA-2022:7181", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7181" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7182", "reference_id": "RHSA-2022:7182", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7182" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7183", "reference_id": "RHSA-2022:7183", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7183" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7184", "reference_id": "RHSA-2022:7184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7190", "reference_id": "RHSA-2022:7190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7190" }, { "reference_url": "https://matrix.org/blog/2022/09/28/upgrade-now-to-address-encryption-vulns-in-matrix-sdks-and-clients", "reference_id": "upgrade-now-to-address-encryption-vulns-in-matrix-sdks-and-clients", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:51:04Z/" } ], "url": "https://matrix.org/blog/2022/09/28/upgrade-now-to-address-encryption-vulns-in-matrix-sdks-and-clients" }, { "reference_url": "https://usn.ubuntu.com/5724-1/", "reference_id": "USN-5724-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5724-1/" }, { "reference_url": "https://github.com/matrix-org/matrix-js-sdk/releases/tag/v19.7.0", "reference_id": "v19.7.0", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:51:04Z/" } ], "url": "https://github.com/matrix-org/matrix-js-sdk/releases/tag/v19.7.0" } ], "fixed_packages": [], "aliases": [ "CVE-2022-39249", "GHSA-6263-x97c-c4gg" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gcna-2gfa-bqdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12330?format=api", "vulnerability_id": "VCID-h8sc-emab-7ye2", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39236.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39236.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-39236", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00584", "scoring_system": "epss", "scoring_elements": "0.69606", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00584", "scoring_system": "epss", "scoring_elements": "0.69505", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00584", "scoring_system": "epss", "scoring_elements": "0.69595", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00584", "scoring_system": "epss", "scoring_elements": "0.69608", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-39236" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39236", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39236" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/matrix-org/matrix-js-sdk", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/matrix-org/matrix-js-sdk" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021136", "reference_id": "1021136", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021136" }, { "reference_url": "https://security.gentoo.org/glsa/202210-35", "reference_id": "202210-35", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:57:05Z/" } ], "url": "https://security.gentoo.org/glsa/202210-35" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135391", "reference_id": "2135391", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135391" }, { "reference_url": "https://github.com/matrix-org/matrix-spec-proposals/pull/3488", "reference_id": "3488", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:57:05Z/" } ], "url": "https://github.com/matrix-org/matrix-spec-proposals/pull/3488" }, { "reference_url": "https://github.com/matrix-org/matrix-js-sdk/commit/a587d7c36026fe1fcf93dfff63588abee359be76", "reference_id": "a587d7c36026fe1fcf93dfff63588abee359be76", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:57:05Z/" } ], "url": "https://github.com/matrix-org/matrix-js-sdk/commit/a587d7c36026fe1fcf93dfff63588abee359be76" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39236", "reference_id": "CVE-2022-39236", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39236" }, { "reference_url": "https://github.com/advisories/GHSA-hvv8-5v86-r45x", "reference_id": "GHSA-hvv8-5v86-r45x", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hvv8-5v86-r45x" }, { "reference_url": "https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-hvv8-5v86-r45x", "reference_id": "GHSA-hvv8-5v86-r45x", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:57:05Z/" } ], "url": "https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-hvv8-5v86-r45x" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-43", "reference_id": "mfsa2022-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-43" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7178", "reference_id": "RHSA-2022:7178", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7178" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7181", "reference_id": "RHSA-2022:7181", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7181" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7182", "reference_id": "RHSA-2022:7182", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7182" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7183", "reference_id": "RHSA-2022:7183", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7183" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7184", "reference_id": "RHSA-2022:7184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7190", "reference_id": "RHSA-2022:7190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7190" }, { "reference_url": "https://usn.ubuntu.com/5724-1/", "reference_id": "USN-5724-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5724-1/" }, { "reference_url": "https://github.com/matrix-org/matrix-js-sdk/releases/tag/v19.7.0", "reference_id": "v19.7.0", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:57:05Z/" } ], "url": "https://github.com/matrix-org/matrix-js-sdk/releases/tag/v19.7.0" } ], "fixed_packages": [], "aliases": [ "CVE-2022-39236", "GHSA-hvv8-5v86-r45x" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h8sc-emab-7ye2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12333?format=api", "vulnerability_id": "VCID-tyrd-tnm1-zqfd", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39250.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39250.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-39250", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.53255", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.53126", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.53253", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.53268", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-39250" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39250", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39250" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/matrix-org/matrix-js-sdk", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/matrix-org/matrix-js-sdk" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021136", "reference_id": "1021136", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021136" }, { "reference_url": "https://security.gentoo.org/glsa/202210-35", "reference_id": "202210-35", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:50:35Z/" } ], "url": "https://security.gentoo.org/glsa/202210-35" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135395", "reference_id": "2135395", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135395" }, { "reference_url": "https://github.com/matrix-org/matrix-js-sdk/commit/a587d7c36026fe1fcf93dfff63588abee359be76", "reference_id": "a587d7c36026fe1fcf93dfff63588abee359be76", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:50:35Z/" } ], "url": "https://github.com/matrix-org/matrix-js-sdk/commit/a587d7c36026fe1fcf93dfff63588abee359be76" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39250", "reference_id": "CVE-2022-39250", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39250" }, { "reference_url": "https://github.com/advisories/GHSA-5w8r-8pgj-5jmf", "reference_id": "GHSA-5w8r-8pgj-5jmf", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5w8r-8pgj-5jmf" }, { "reference_url": "https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-5w8r-8pgj-5jmf", "reference_id": "GHSA-5w8r-8pgj-5jmf", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:50:35Z/" } ], "url": "https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-5w8r-8pgj-5jmf" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-43", "reference_id": "mfsa2022-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-43" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7178", "reference_id": "RHSA-2022:7178", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7178" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7181", "reference_id": "RHSA-2022:7181", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7181" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7182", "reference_id": "RHSA-2022:7182", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7182" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7183", "reference_id": "RHSA-2022:7183", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7183" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7184", "reference_id": "RHSA-2022:7184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7190", "reference_id": "RHSA-2022:7190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7190" }, { "reference_url": "https://matrix.org/blog/2022/09/28/upgrade-now-to-address-encryption-vulns-in-matrix-sdks-and-clients", "reference_id": "upgrade-now-to-address-encryption-vulns-in-matrix-sdks-and-clients", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:50:35Z/" } ], "url": "https://matrix.org/blog/2022/09/28/upgrade-now-to-address-encryption-vulns-in-matrix-sdks-and-clients" }, { "reference_url": "https://usn.ubuntu.com/5724-1/", "reference_id": "USN-5724-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5724-1/" }, { "reference_url": "https://github.com/matrix-org/matrix-js-sdk/releases/tag/v19.7.0", "reference_id": "v19.7.0", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:50:35Z/" } ], "url": "https://github.com/matrix-org/matrix-js-sdk/releases/tag/v19.7.0" } ], "fixed_packages": [], "aliases": [ "CVE-2022-39250", "GHSA-5w8r-8pgj-5jmf" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tyrd-tnm1-zqfd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12522?format=api", "vulnerability_id": "VCID-yb9s-y7ue-b7fu", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42928.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42928.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42928", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41964", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.4179", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41973", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41954", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42928" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42928" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42932" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136157", "reference_id": "2136157", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136157" }, { "reference_url": "https://security.gentoo.org/glsa/202210-34", "reference_id": "GLSA-202210-34", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-44", "reference_id": "mfsa2022-44", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-44/", "reference_id": "mfsa2022-44", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:44:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-44/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-45", "reference_id": "mfsa2022-45", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-45" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-45/", "reference_id": "mfsa2022-45", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:44:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-45/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-46", "reference_id": "mfsa2022-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-46/", "reference_id": "mfsa2022-46", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:44:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-46/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7066", "reference_id": "RHSA-2022:7066", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7066" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7068", "reference_id": "RHSA-2022:7068", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7068" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7069", "reference_id": "RHSA-2022:7069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7070", "reference_id": "RHSA-2022:7070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7071", "reference_id": "RHSA-2022:7071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7071" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7072", "reference_id": "RHSA-2022:7072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7178", "reference_id": "RHSA-2022:7178", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7178" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7181", "reference_id": "RHSA-2022:7181", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7181" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7182", "reference_id": "RHSA-2022:7182", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7182" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7183", "reference_id": "RHSA-2022:7183", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7183" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7184", "reference_id": "RHSA-2022:7184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7190", "reference_id": "RHSA-2022:7190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7190" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1791520", "reference_id": "show_bug.cgi?id=1791520", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:44:21Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1791520" }, { "reference_url": "https://usn.ubuntu.com/5709-1/", "reference_id": "USN-5709-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5709-1/" }, { "reference_url": "https://usn.ubuntu.com/5724-1/", "reference_id": "USN-5724-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5724-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2022-42928" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yb9s-y7ue-b7fu" } ], "fixing_vulnerabilities": [], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@102.4.0-1%3Farch=el8_2" }