Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/583094?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/583094?format=api", "purl": "pkg:deb/debian/firefox@106.0-1?distro=sid", "type": "deb", "namespace": "debian", "name": "firefox", "version": "106.0-1", "qualifiers": { "distro": "sid" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "107.0-1", "latest_non_vulnerable_version": "150.0-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44726?format=api", "vulnerability_id": "VCID-37ud-wx7n-mqhs", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42927.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42927.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42927", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35652", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35662", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35739", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.3573", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35782", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35707", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35756", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35702", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35712", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35672", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35695", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42928" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42932" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136156", "reference_id": "2136156", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136156" }, { "reference_url": "https://security.gentoo.org/glsa/202210-34", "reference_id": "GLSA-202210-34", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-34" }, { "reference_url": "https://security.gentoo.org/glsa/202210-35", "reference_id": "GLSA-202210-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-44", "reference_id": "mfsa2022-44", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-44/", "reference_id": "mfsa2022-44", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T15:45:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-44/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-45", "reference_id": "mfsa2022-45", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-45" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-45/", "reference_id": "mfsa2022-45", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T15:45:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-45/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-46", "reference_id": "mfsa2022-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-46/", "reference_id": "mfsa2022-46", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T15:45:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-46/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7066", "reference_id": "RHSA-2022:7066", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7066" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7068", "reference_id": "RHSA-2022:7068", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7068" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7069", "reference_id": "RHSA-2022:7069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7070", "reference_id": "RHSA-2022:7070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7071", "reference_id": "RHSA-2022:7071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7071" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7072", "reference_id": "RHSA-2022:7072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7178", "reference_id": "RHSA-2022:7178", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7178" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7181", "reference_id": "RHSA-2022:7181", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7181" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7182", "reference_id": "RHSA-2022:7182", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7182" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7183", "reference_id": "RHSA-2022:7183", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7183" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7184", "reference_id": "RHSA-2022:7184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7190", "reference_id": "RHSA-2022:7190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7190" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1789128", "reference_id": "show_bug.cgi?id=1789128", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T15:45:37Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1789128" }, { "reference_url": "https://usn.ubuntu.com/5709-1/", "reference_id": "USN-5709-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5709-1/" }, { "reference_url": "https://usn.ubuntu.com/5724-1/", "reference_id": "USN-5724-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5724-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583094?format=api", "purl": "pkg:deb/debian/firefox@106.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@106.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-42927" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-37ud-wx7n-mqhs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44729?format=api", "vulnerability_id": "VCID-4q6h-ac7c-6fav", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42928.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42928.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42928", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41673", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41692", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41774", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41751", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41742", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41765", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41737", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41748", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41727", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41741", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42928" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42928" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42932" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136157", "reference_id": "2136157", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136157" }, { "reference_url": "https://security.gentoo.org/glsa/202210-34", "reference_id": "GLSA-202210-34", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-34" }, { "reference_url": "https://security.gentoo.org/glsa/202210-35", "reference_id": "GLSA-202210-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-44", "reference_id": "mfsa2022-44", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-44/", "reference_id": "mfsa2022-44", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:44:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-44/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-45", "reference_id": "mfsa2022-45", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-45" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-45/", "reference_id": "mfsa2022-45", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:44:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-45/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-46", "reference_id": "mfsa2022-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-46/", "reference_id": "mfsa2022-46", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:44:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-46/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7066", "reference_id": "RHSA-2022:7066", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7066" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7068", "reference_id": "RHSA-2022:7068", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7068" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7069", "reference_id": "RHSA-2022:7069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7070", "reference_id": "RHSA-2022:7070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7071", "reference_id": "RHSA-2022:7071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7071" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7072", "reference_id": "RHSA-2022:7072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7178", "reference_id": "RHSA-2022:7178", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7178" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7181", "reference_id": "RHSA-2022:7181", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7181" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7182", "reference_id": "RHSA-2022:7182", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7182" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7183", "reference_id": "RHSA-2022:7183", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7183" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7184", "reference_id": "RHSA-2022:7184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7190", "reference_id": "RHSA-2022:7190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7190" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1791520", "reference_id": "show_bug.cgi?id=1791520", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:44:21Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1791520" }, { "reference_url": "https://usn.ubuntu.com/5709-1/", "reference_id": "USN-5709-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5709-1/" }, { "reference_url": "https://usn.ubuntu.com/5724-1/", "reference_id": "USN-5724-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5724-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583094?format=api", "purl": "pkg:deb/debian/firefox@106.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@106.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-42928" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4q6h-ac7c-6fav" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63454?format=api", "vulnerability_id": "VCID-f5xg-bk9w-fkbe", "summary": "Mozilla developers Timothy Nikkel, Ashley Hale, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-46885", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58948", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58904", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58951", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.5897", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58952", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58933", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58967", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58927", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58894", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58945", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-46885" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1786818%2C1789729%2C1791363%2C1792041", "reference_id": "buglist.cgi?bug_id=1786818%2C1789729%2C1791363%2C1792041", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T14:48:33Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1786818%2C1789729%2C1791363%2C1792041" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-44", "reference_id": "mfsa2022-44", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-44/", "reference_id": "mfsa2022-44", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T14:48:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-44/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583094?format=api", "purl": "pkg:deb/debian/firefox@106.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@106.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-46885" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f5xg-bk9w-fkbe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44735?format=api", "vulnerability_id": "VCID-hgy1-3pbq-s3ch", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42932.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42932.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42932", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49186", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49125", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49194", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49176", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49173", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49179", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49145", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49217", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49219", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49172", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49167", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42928" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42932" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136159", "reference_id": "2136159", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136159" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1789729%2C1791363%2C1792041", "reference_id": "buglist.cgi?bug_id=1789729%2C1791363%2C1792041", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:20:16Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1789729%2C1791363%2C1792041" }, { "reference_url": "https://security.gentoo.org/glsa/202210-34", "reference_id": "GLSA-202210-34", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-34" }, { "reference_url": "https://security.gentoo.org/glsa/202210-35", "reference_id": "GLSA-202210-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-44", "reference_id": "mfsa2022-44", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-44/", "reference_id": "mfsa2022-44", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:20:16Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-44/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-45", "reference_id": "mfsa2022-45", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-45" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-45/", "reference_id": "mfsa2022-45", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:20:16Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-45/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-46", "reference_id": "mfsa2022-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-46/", "reference_id": "mfsa2022-46", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:20:16Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-46/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7066", "reference_id": "RHSA-2022:7066", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7066" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7068", "reference_id": "RHSA-2022:7068", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7068" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7069", "reference_id": "RHSA-2022:7069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7070", "reference_id": "RHSA-2022:7070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7071", "reference_id": "RHSA-2022:7071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7071" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7072", "reference_id": "RHSA-2022:7072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7178", "reference_id": "RHSA-2022:7178", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7178" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7181", "reference_id": "RHSA-2022:7181", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7181" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7182", "reference_id": "RHSA-2022:7182", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7182" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7183", "reference_id": "RHSA-2022:7183", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7183" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7184", "reference_id": "RHSA-2022:7184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7190", "reference_id": "RHSA-2022:7190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7190" }, { "reference_url": "https://usn.ubuntu.com/5709-1/", "reference_id": "USN-5709-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5709-1/" }, { "reference_url": "https://usn.ubuntu.com/5724-1/", "reference_id": "USN-5724-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5724-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583094?format=api", "purl": "pkg:deb/debian/firefox@106.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@106.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-42932" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hgy1-3pbq-s3ch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63452?format=api", "vulnerability_id": "VCID-n9js-dkvj-b3fz", "summary": "A potential use-after-free vulnerability existed in SVG Images if the Refresh Driver was destroyed at an inopportune time. This could have lead to memory corruption or a potentially exploitable crash.*Note*: This advisory was added on December 13th, 2022 after discovering it was inadvertently left out of the original advisory. The fix was included in the original release of Firefox 106.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-46884", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42583", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.4325", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43267", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43252", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43313", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43302", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43279", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43216", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.433", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-46884" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-44", "reference_id": "mfsa2022-44", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-44/", "reference_id": "mfsa2022-44", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T20:25:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-44/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1786818", "reference_id": "show_bug.cgi?id=1786818", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T20:25:23Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1786818" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583094?format=api", "purl": "pkg:deb/debian/firefox@106.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@106.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-46884" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n9js-dkvj-b3fz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50251?format=api", "vulnerability_id": "VCID-q494-zvyn-quge", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46881.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46881.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-46881", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47322", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.4732", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47378", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47372", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47296", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47316", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47263", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47318", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47315", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47339", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47313", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-46881" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45414", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45414" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46872", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46872" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46874", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46874" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46878", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46878" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46880", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46880" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46881" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46882", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46882" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153466", "reference_id": "2153466", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153466" }, { "reference_url": "https://security.gentoo.org/glsa/202305-06", "reference_id": "GLSA-202305-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-06" }, { "reference_url": "https://security.gentoo.org/glsa/202305-13", "reference_id": "GLSA-202305-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-44", "reference_id": "mfsa2022-44", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-44" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-52", "reference_id": "mfsa2022-52", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-52" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-53", "reference_id": "mfsa2022-53", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-53" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9065", "reference_id": "RHSA-2022:9065", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9065" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9066", "reference_id": "RHSA-2022:9066", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9066" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9067", "reference_id": "RHSA-2022:9067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9068", "reference_id": "RHSA-2022:9068", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9068" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9069", "reference_id": "RHSA-2022:9069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9070", "reference_id": "RHSA-2022:9070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9071", "reference_id": "RHSA-2022:9071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9071" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9072", "reference_id": "RHSA-2022:9072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9074", "reference_id": "RHSA-2022:9074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9075", "reference_id": "RHSA-2022:9075", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9075" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9076", "reference_id": "RHSA-2022:9076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9077", "reference_id": "RHSA-2022:9077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9078", "reference_id": "RHSA-2022:9078", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9078" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9079", "reference_id": "RHSA-2022:9079", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9079" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9080", "reference_id": "RHSA-2022:9080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9081", "reference_id": "RHSA-2022:9081", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9081" }, { "reference_url": "https://usn.ubuntu.com/5824-1/", "reference_id": "USN-5824-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5824-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583094?format=api", "purl": "pkg:deb/debian/firefox@106.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@106.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-46881" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q494-zvyn-quge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44734?format=api", "vulnerability_id": "VCID-ue8f-ea6q-3fck", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42931", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.1034", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10292", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10427", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10388", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10366", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10236", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10207", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10358", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.1026", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10333", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10398", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42931" }, { "reference_url": "https://security.gentoo.org/glsa/202210-34", "reference_id": "GLSA-202210-34", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-44", "reference_id": "mfsa2022-44", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-44/", "reference_id": "mfsa2022-44", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:23:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-44/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1780571", "reference_id": "show_bug.cgi?id=1780571", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:23:08Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1780571" }, { "reference_url": "https://usn.ubuntu.com/5709-1/", "reference_id": "USN-5709-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5709-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583094?format=api", "purl": "pkg:deb/debian/firefox@106.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@106.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-42931" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ue8f-ea6q-3fck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44733?format=api", "vulnerability_id": "VCID-wqj4-21mt-nbay", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42930", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50994", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50928", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50967", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.51009", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50988", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50972", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.51016", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50954", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50912", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50969", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42930" }, { "reference_url": "https://security.gentoo.org/glsa/202210-34", "reference_id": "GLSA-202210-34", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-44", "reference_id": "mfsa2022-44", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-44/", "reference_id": "mfsa2022-44", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:25:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-44/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1789503", "reference_id": "show_bug.cgi?id=1789503", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:25:31Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1789503" }, { "reference_url": "https://usn.ubuntu.com/5709-1/", "reference_id": "USN-5709-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5709-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583094?format=api", "purl": "pkg:deb/debian/firefox@106.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@106.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-42930" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wqj4-21mt-nbay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44731?format=api", "vulnerability_id": "VCID-z2t7-sc17-abfs", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42929.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42929.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42929", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44536", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44512", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44585", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44568", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44573", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44563", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44551", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44605", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44612", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44556", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44555", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42928" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42932" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136158", "reference_id": "2136158", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136158" }, { "reference_url": "https://security.gentoo.org/glsa/202210-34", "reference_id": "GLSA-202210-34", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-34" }, { "reference_url": "https://security.gentoo.org/glsa/202210-35", "reference_id": "GLSA-202210-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-44", "reference_id": "mfsa2022-44", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-44/", "reference_id": "mfsa2022-44", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:32:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-44/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-45", "reference_id": "mfsa2022-45", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-45" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-45/", "reference_id": "mfsa2022-45", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:32:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-45/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-46", "reference_id": "mfsa2022-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-46/", "reference_id": "mfsa2022-46", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:32:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-46/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7066", "reference_id": "RHSA-2022:7066", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7066" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7068", "reference_id": "RHSA-2022:7068", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7068" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7069", "reference_id": "RHSA-2022:7069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7070", "reference_id": "RHSA-2022:7070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7071", "reference_id": "RHSA-2022:7071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7071" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7072", "reference_id": "RHSA-2022:7072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7178", "reference_id": "RHSA-2022:7178", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7178" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7181", "reference_id": "RHSA-2022:7181", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7181" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7182", "reference_id": "RHSA-2022:7182", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7182" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7183", "reference_id": "RHSA-2022:7183", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7183" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7184", "reference_id": "RHSA-2022:7184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7190", "reference_id": "RHSA-2022:7190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7190" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1789439", "reference_id": "show_bug.cgi?id=1789439", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:32:51Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1789439" }, { "reference_url": "https://usn.ubuntu.com/5709-1/", "reference_id": "USN-5709-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5709-1/" }, { "reference_url": "https://usn.ubuntu.com/5724-1/", "reference_id": "USN-5724-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5724-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583094?format=api", "purl": "pkg:deb/debian/firefox@106.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@106.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-42929" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z2t7-sc17-abfs" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@106.0-1%3Fdistro=sid" }