Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/433197?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/433197?format=api", "purl": "pkg:apk/alpine/librewolf@101.0-r0?arch=x86&distroversion=v3.23&reponame=community", "type": "apk", "namespace": "alpine", "name": "librewolf", "version": "101.0-r0", "qualifiers": { "arch": "x86", "distroversion": "v3.23", "reponame": "community" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "102.0-r0", "latest_non_vulnerable_version": "119.0-r0", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31201?format=api", "vulnerability_id": "VCID-17tt-jftn-m3bd", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31737.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31737.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31737", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60279", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60218", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60239", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60258", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60272", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60251", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60237", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60187", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60193", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092019", "reference_id": "2092019", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092019" }, { "reference_url": "https://security.archlinux.org/AVG-2760", "reference_id": "AVG-2760", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2760" }, { "reference_url": "https://security.archlinux.org/AVG-2761", "reference_id": "AVG-2761", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2761" }, { "reference_url": "https://security.gentoo.org/glsa/202208-08", "reference_id": "GLSA-202208-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-08" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-20/", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-16T13:56:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-21/", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-16T13:56:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-22/", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-16T13:56:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-22/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4870", "reference_id": "RHSA-2022:4870", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4870" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4871", "reference_id": "RHSA-2022:4871", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4871" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4872", "reference_id": "RHSA-2022:4872", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4872" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4873", "reference_id": "RHSA-2022:4873", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4875", "reference_id": "RHSA-2022:4875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4876", "reference_id": "RHSA-2022:4876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4887", "reference_id": "RHSA-2022:4887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4888", "reference_id": "RHSA-2022:4888", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4888" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4889", "reference_id": "RHSA-2022:4889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4890", "reference_id": "RHSA-2022:4890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4891", "reference_id": "RHSA-2022:4891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4892", "reference_id": "RHSA-2022:4892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4892" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1743767", "reference_id": "show_bug.cgi?id=1743767", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-16T13:56:21Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1743767" }, { "reference_url": "https://usn.ubuntu.com/5475-1/", "reference_id": "USN-5475-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5475-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/433197?format=api", "purl": "pkg:apk/alpine/librewolf@101.0-r0?arch=x86&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@101.0-r0%3Farch=x86&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2022-31737" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-17tt-jftn-m3bd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31204?format=api", "vulnerability_id": "VCID-2s85-r5tn-wucn", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31741.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31741.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31741", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.50102", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.50074", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.5406", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54107", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54089", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54072", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54111", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54008", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092024", "reference_id": "2092024", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092024" }, { "reference_url": "https://security.archlinux.org/AVG-2760", "reference_id": "AVG-2760", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2760" }, { "reference_url": "https://security.archlinux.org/AVG-2761", "reference_id": "AVG-2761", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2761" }, { "reference_url": "https://security.gentoo.org/glsa/202208-08", "reference_id": "GLSA-202208-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-08" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-20/", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:58:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-21/", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:58:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-22/", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:58:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-22/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4870", "reference_id": "RHSA-2022:4870", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4870" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4871", "reference_id": "RHSA-2022:4871", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4871" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4872", "reference_id": "RHSA-2022:4872", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4872" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4873", "reference_id": "RHSA-2022:4873", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4875", "reference_id": "RHSA-2022:4875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4876", "reference_id": "RHSA-2022:4876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4887", "reference_id": "RHSA-2022:4887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4888", "reference_id": "RHSA-2022:4888", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4888" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4889", "reference_id": "RHSA-2022:4889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4890", "reference_id": "RHSA-2022:4890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4891", "reference_id": "RHSA-2022:4891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4892", "reference_id": "RHSA-2022:4892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4892" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1767590", "reference_id": "show_bug.cgi?id=1767590", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:58:38Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1767590" }, { "reference_url": "https://usn.ubuntu.com/5475-1/", "reference_id": "USN-5475-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5475-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/433197?format=api", "purl": "pkg:apk/alpine/librewolf@101.0-r0?arch=x86&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@101.0-r0%3Farch=x86&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2022-31741" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2s85-r5tn-wucn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31202?format=api", "vulnerability_id": "VCID-5f8u-kf14-tkah", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31738.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31738.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31738", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36287", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36393", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36243", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36268", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36304", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36299", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36276", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36227", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.3636", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092021", "reference_id": "2092021", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092021" }, { "reference_url": "https://security.archlinux.org/AVG-2760", "reference_id": "AVG-2760", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2760" }, { "reference_url": "https://security.archlinux.org/AVG-2761", "reference_id": "AVG-2761", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2761" }, { "reference_url": "https://security.gentoo.org/glsa/202208-08", "reference_id": "GLSA-202208-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-08" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-20/", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T13:54:02Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-21/", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T13:54:02Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-22/", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T13:54:02Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-22/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4870", "reference_id": "RHSA-2022:4870", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4870" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4871", "reference_id": "RHSA-2022:4871", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4871" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4872", "reference_id": "RHSA-2022:4872", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4872" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4873", "reference_id": "RHSA-2022:4873", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4875", "reference_id": "RHSA-2022:4875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4876", "reference_id": "RHSA-2022:4876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4887", "reference_id": "RHSA-2022:4887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4888", "reference_id": "RHSA-2022:4888", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4888" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4889", "reference_id": "RHSA-2022:4889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4890", "reference_id": "RHSA-2022:4890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4891", "reference_id": "RHSA-2022:4891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4892", "reference_id": "RHSA-2022:4892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4892" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1756388", "reference_id": "show_bug.cgi?id=1756388", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T13:54:02Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1756388" }, { "reference_url": "https://usn.ubuntu.com/5475-1/", "reference_id": "USN-5475-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5475-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/433197?format=api", "purl": "pkg:apk/alpine/librewolf@101.0-r0?arch=x86&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@101.0-r0%3Farch=x86&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2022-31738" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5f8u-kf14-tkah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31206?format=api", "vulnerability_id": "VCID-7acy-1dnk-pkcq", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31747.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31747.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31747", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00657", "scoring_system": "epss", "scoring_elements": "0.71064", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00657", "scoring_system": "epss", "scoring_elements": "0.70995", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00657", "scoring_system": "epss", "scoring_elements": "0.71018", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00657", "scoring_system": "epss", "scoring_elements": "0.71035", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00657", "scoring_system": "epss", "scoring_elements": "0.7105", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00657", "scoring_system": "epss", "scoring_elements": "0.71027", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00657", "scoring_system": "epss", "scoring_elements": "0.71012", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00657", "scoring_system": "epss", "scoring_elements": "0.7097", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00657", "scoring_system": "epss", "scoring_elements": "0.70978", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31747" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092026", "reference_id": "2092026", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092026" }, { "reference_url": "https://security.archlinux.org/AVG-2760", "reference_id": "AVG-2760", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2760" }, { "reference_url": "https://security.archlinux.org/AVG-2761", "reference_id": "AVG-2761", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2761" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1760765%2C1765610%2C1766283%2C1767365%2C1768559%2C1768734", "reference_id": "buglist.cgi?bug_id=1760765%2C1765610%2C1766283%2C1767365%2C1768559%2C1768734", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T18:22:36Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1760765%2C1765610%2C1766283%2C1767365%2C1768559%2C1768734" }, { "reference_url": "https://security.gentoo.org/glsa/202208-08", "reference_id": "GLSA-202208-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-08" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-20/", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T18:22:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-21/", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T18:22:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-22/", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T18:22:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-22/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4870", "reference_id": "RHSA-2022:4870", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4870" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4871", "reference_id": "RHSA-2022:4871", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4871" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4872", "reference_id": "RHSA-2022:4872", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4872" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4873", "reference_id": "RHSA-2022:4873", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4875", "reference_id": "RHSA-2022:4875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4876", "reference_id": "RHSA-2022:4876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4887", "reference_id": "RHSA-2022:4887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4888", "reference_id": "RHSA-2022:4888", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4888" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4889", "reference_id": "RHSA-2022:4889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4890", "reference_id": "RHSA-2022:4890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4891", "reference_id": "RHSA-2022:4891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4892", "reference_id": "RHSA-2022:4892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4892" }, { "reference_url": "https://usn.ubuntu.com/5475-1/", "reference_id": "USN-5475-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5475-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/433197?format=api", "purl": "pkg:apk/alpine/librewolf@101.0-r0?arch=x86&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@101.0-r0%3Farch=x86&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2022-31747" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7acy-1dnk-pkcq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46621?format=api", "vulnerability_id": "VCID-7tc4-d3hr-bubf", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31743", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69917", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69819", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69867", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69883", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69905", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.6989", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69876", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69827", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69842", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31743" }, { "reference_url": "https://security.archlinux.org/AVG-2760", "reference_id": "AVG-2760", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2760" }, { "reference_url": "https://security.gentoo.org/glsa/202208-08", "reference_id": "GLSA-202208-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-20/", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:29:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-20/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1747388", "reference_id": "show_bug.cgi?id=1747388", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:29:49Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1747388" }, { "reference_url": "https://usn.ubuntu.com/5475-1/", "reference_id": "USN-5475-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5475-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/433197?format=api", "purl": "pkg:apk/alpine/librewolf@101.0-r0?arch=x86&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@101.0-r0%3Farch=x86&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2022-31743" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7tc4-d3hr-bubf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46623?format=api", "vulnerability_id": "VCID-8hrt-1yt3-1bh3", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31745", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45196", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45195", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45239", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45186", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45184", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45217", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56579", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56558", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31745" }, { "reference_url": "https://security.archlinux.org/AVG-2760", "reference_id": "AVG-2760", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2760" }, { "reference_url": "https://security.gentoo.org/glsa/202208-08", "reference_id": "GLSA-202208-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-20/", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:26:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-20/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1760944", "reference_id": "show_bug.cgi?id=1760944", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:26:18Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1760944" }, { "reference_url": "https://usn.ubuntu.com/5475-1/", "reference_id": "USN-5475-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5475-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/433197?format=api", "purl": "pkg:apk/alpine/librewolf@101.0-r0?arch=x86&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@101.0-r0%3Farch=x86&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2022-31745" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8hrt-1yt3-1bh3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31205?format=api", "vulnerability_id": "VCID-9tdt-84zg-3fd7", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31742.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31742.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31742", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.5802", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57982", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57989", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.5801", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58031", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58015", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58013", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57958", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57963", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092025", "reference_id": "2092025", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092025" }, { "reference_url": "https://security.archlinux.org/AVG-2760", "reference_id": "AVG-2760", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2760" }, { "reference_url": "https://security.archlinux.org/AVG-2761", "reference_id": "AVG-2761", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2761" }, { "reference_url": "https://security.gentoo.org/glsa/202208-08", "reference_id": "GLSA-202208-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-08" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-20/", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:36:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-21/", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:36:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-22/", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:36:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-22/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4870", "reference_id": "RHSA-2022:4870", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4870" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4871", "reference_id": "RHSA-2022:4871", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4871" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4872", "reference_id": "RHSA-2022:4872", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4872" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4873", "reference_id": "RHSA-2022:4873", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4875", "reference_id": "RHSA-2022:4875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4876", "reference_id": "RHSA-2022:4876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4887", "reference_id": "RHSA-2022:4887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4888", "reference_id": "RHSA-2022:4888", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4888" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4889", "reference_id": "RHSA-2022:4889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4890", "reference_id": "RHSA-2022:4890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4891", "reference_id": "RHSA-2022:4891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4892", "reference_id": "RHSA-2022:4892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4892" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1730434", "reference_id": "show_bug.cgi?id=1730434", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:36:32Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1730434" }, { "reference_url": "https://usn.ubuntu.com/5475-1/", "reference_id": "USN-5475-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5475-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/433197?format=api", "purl": "pkg:apk/alpine/librewolf@101.0-r0?arch=x86&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@101.0-r0%3Farch=x86&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2022-31742" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9tdt-84zg-3fd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46622?format=api", "vulnerability_id": "VCID-ahzj-vepp-r3f4", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31744.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31744.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31744", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.2014", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20367", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20253", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20229", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20171", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.2009", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20308", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20148", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20208", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102165", "reference_id": "2102165", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102165" }, { "reference_url": "https://security.archlinux.org/AVG-2760", "reference_id": "AVG-2760", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2760" }, { "reference_url": "https://security.gentoo.org/glsa/202208-08", "reference_id": "GLSA-202208-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-20/", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:28:40Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-25/", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:28:40Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-25/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-26/", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:28:40Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-26/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5469", "reference_id": "RHSA-2022:5469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5470", "reference_id": "RHSA-2022:5470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5472", "reference_id": "RHSA-2022:5472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5473", "reference_id": "RHSA-2022:5473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5474", "reference_id": "RHSA-2022:5474", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5474" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5475", "reference_id": "RHSA-2022:5475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5477", "reference_id": "RHSA-2022:5477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5478", "reference_id": "RHSA-2022:5478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5479", "reference_id": "RHSA-2022:5479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5480", "reference_id": "RHSA-2022:5480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5481", "reference_id": "RHSA-2022:5481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5482", "reference_id": "RHSA-2022:5482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5482" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1757604", "reference_id": "show_bug.cgi?id=1757604", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:28:40Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1757604" }, { "reference_url": "https://usn.ubuntu.com/5475-1/", "reference_id": "USN-5475-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5475-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/433197?format=api", "purl": "pkg:apk/alpine/librewolf@101.0-r0?arch=x86&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@101.0-r0%3Farch=x86&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2022-31744" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ahzj-vepp-r3f4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31203?format=api", "vulnerability_id": "VCID-dqhd-ay8b-wfam", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31740.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31740.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31740", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47679", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47613", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47561", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47592", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47621", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47636", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47616", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47612", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092023", "reference_id": "2092023", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092023" }, { "reference_url": "https://security.gentoo.org/glsa/202208-08", "reference_id": "GLSA-202208-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-08" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-20/", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T13:51:22Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-21/", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T13:51:22Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-22/", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T13:51:22Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-22/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4870", "reference_id": "RHSA-2022:4870", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4870" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4871", "reference_id": "RHSA-2022:4871", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4871" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4872", "reference_id": "RHSA-2022:4872", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4872" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4873", "reference_id": "RHSA-2022:4873", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4875", "reference_id": "RHSA-2022:4875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4876", "reference_id": "RHSA-2022:4876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4887", "reference_id": "RHSA-2022:4887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4888", "reference_id": "RHSA-2022:4888", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4888" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4889", "reference_id": "RHSA-2022:4889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4890", "reference_id": "RHSA-2022:4890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4891", "reference_id": "RHSA-2022:4891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4892", "reference_id": "RHSA-2022:4892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4892" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1766806", "reference_id": "show_bug.cgi?id=1766806", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T13:51:22Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1766806" }, { "reference_url": "https://usn.ubuntu.com/5475-1/", "reference_id": "USN-5475-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5475-1/" }, { "reference_url": "https://usn.ubuntu.com/5494-1/", "reference_id": "USN-5494-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5494-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/433197?format=api", "purl": "pkg:apk/alpine/librewolf@101.0-r0?arch=x86&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@101.0-r0%3Farch=x86&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2022-31740" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dqhd-ay8b-wfam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46602?format=api", "vulnerability_id": "VCID-fj49-kvwy-bycm", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1919", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65204", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65087", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65197", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65169", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65137", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65163", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65129", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65178", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65191", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65209", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1919" }, { "reference_url": "https://security.archlinux.org/AVG-2760", "reference_id": "AVG-2760", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2760" }, { "reference_url": "https://security.gentoo.org/glsa/202208-08", "reference_id": "GLSA-202208-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20" }, { "reference_url": "https://usn.ubuntu.com/5475-1/", "reference_id": "USN-5475-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5475-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/433197?format=api", "purl": "pkg:apk/alpine/librewolf@101.0-r0?arch=x86&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@101.0-r0%3Farch=x86&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2022-1919" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fj49-kvwy-bycm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46624?format=api", "vulnerability_id": "VCID-nxhd-we9n-67fe", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31748", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68372", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68284", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68336", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68352", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68378", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68365", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68332", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68288", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68308", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31748" }, { "reference_url": "https://security.archlinux.org/AVG-2760", "reference_id": "AVG-2760", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2760" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1713773%2C1762201%2C1762469%2C1762770%2C1764878%2C1765226%2C1765782%2C1765973%2C1767177%2C1767181%2C1768232%2C1768251%2C1769869", "reference_id": "buglist.cgi?bug_id=1713773%2C1762201%2C1762469%2C1762770%2C1764878%2C1765226%2C1765782%2C1765973%2C1767177%2C1767181%2C1768232%2C1768251%2C1769869", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T18:21:24Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1713773%2C1762201%2C1762469%2C1762770%2C1764878%2C1765226%2C1765782%2C1765973%2C1767177%2C1767181%2C1768232%2C1768251%2C1769869" }, { "reference_url": "https://security.gentoo.org/glsa/202208-08", "reference_id": "GLSA-202208-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-20/", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T18:21:24Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-20/" }, { "reference_url": "https://usn.ubuntu.com/5475-1/", "reference_id": "USN-5475-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5475-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/433197?format=api", "purl": "pkg:apk/alpine/librewolf@101.0-r0?arch=x86&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@101.0-r0%3Farch=x86&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2022-31748" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nxhd-we9n-67fe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31200?format=api", "vulnerability_id": "VCID-vg6v-8pv2-mfhf", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31736.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31736.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31736", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44035", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44023", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.43973", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.43989", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44021", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44006", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44004", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.43953", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31736" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092018", "reference_id": "2092018", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092018" }, { "reference_url": "https://security.archlinux.org/AVG-2760", "reference_id": "AVG-2760", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2760" }, { "reference_url": "https://security.archlinux.org/AVG-2761", "reference_id": "AVG-2761", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2761" }, { "reference_url": "https://security.gentoo.org/glsa/202208-08", "reference_id": "GLSA-202208-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-08" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "GLSA-202208-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-20/", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T14:56:54Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-21/", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T14:56:54Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-22/", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T14:56:54Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-22/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4870", "reference_id": "RHSA-2022:4870", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4870" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4871", "reference_id": "RHSA-2022:4871", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4871" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4872", "reference_id": "RHSA-2022:4872", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4872" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4873", "reference_id": "RHSA-2022:4873", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4875", "reference_id": "RHSA-2022:4875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4876", "reference_id": "RHSA-2022:4876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4887", "reference_id": "RHSA-2022:4887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4888", "reference_id": "RHSA-2022:4888", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4888" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4889", "reference_id": "RHSA-2022:4889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4890", "reference_id": "RHSA-2022:4890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4891", "reference_id": "RHSA-2022:4891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4892", "reference_id": "RHSA-2022:4892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4892" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1735923", "reference_id": "show_bug.cgi?id=1735923", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T14:56:54Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1735923" }, { "reference_url": "https://usn.ubuntu.com/5475-1/", "reference_id": "USN-5475-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5475-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/433197?format=api", "purl": "pkg:apk/alpine/librewolf@101.0-r0?arch=x86&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@101.0-r0%3Farch=x86&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2022-31736" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vg6v-8pv2-mfhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63399?format=api", "vulnerability_id": "VCID-wzxk-316c-xqcg", "summary": "When downloading files on Windows, the % character was not escaped, which could have lead to a download incorrectly being saved to attacker-influenced paths that used variables such as %HOMEPATH% or %APPDATA%.*This bug only affects Firefox for Windows. Other operating systems are unaffected.*", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31739.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31739.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31739", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00477", "scoring_system": "epss", "scoring_elements": "0.64981", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00477", "scoring_system": "epss", "scoring_elements": "0.64937", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00477", "scoring_system": "epss", "scoring_elements": "0.64982", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00477", "scoring_system": "epss", "scoring_elements": "0.64964", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00477", "scoring_system": "epss", "scoring_elements": "0.6495", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00477", "scoring_system": "epss", "scoring_elements": "0.649", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00477", "scoring_system": "epss", "scoring_elements": "0.6491", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00477", "scoring_system": "epss", "scoring_elements": "0.64944", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00477", "scoring_system": "epss", "scoring_elements": "0.64972", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31739" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092022", "reference_id": "2092022", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092022" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-20/", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T13:52:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-21/", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T13:52:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-22/", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T13:52:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-22/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1765049", "reference_id": "show_bug.cgi?id=1765049", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T13:52:42Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1765049" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/433197?format=api", "purl": "pkg:apk/alpine/librewolf@101.0-r0?arch=x86&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@101.0-r0%3Farch=x86&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2022-31739" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wzxk-316c-xqcg" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@101.0-r0%3Farch=x86&distroversion=v3.23&reponame=community" }