Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/thunderbird@102.3.0-3?arch=el8_2
Typerpm
Namespaceredhat
Namethunderbird
Version102.3.0-3
Qualifiers
arch el8_2
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-135c-h34e-tye5
vulnerability_id VCID-135c-h34e-tye5
summary Multiple vulnerabilities have been found in Mozilla Thunderbird, the world of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40957.json
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40957.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-40957
reference_id
reference_type
scores
0
value 0.00169
scoring_system epss
scoring_elements 0.38048
published_at 2026-04-21T12:55:00Z
1
value 0.00169
scoring_system epss
scoring_elements 0.38112
published_at 2026-04-18T12:55:00Z
2
value 0.00169
scoring_system epss
scoring_elements 0.38176
published_at 2026-04-02T12:55:00Z
3
value 0.00169
scoring_system epss
scoring_elements 0.38131
published_at 2026-04-16T12:55:00Z
4
value 0.00169
scoring_system epss
scoring_elements 0.38085
published_at 2026-04-13T12:55:00Z
5
value 0.00169
scoring_system epss
scoring_elements 0.38109
published_at 2026-04-12T12:55:00Z
6
value 0.00169
scoring_system epss
scoring_elements 0.38145
published_at 2026-04-11T12:55:00Z
7
value 0.00169
scoring_system epss
scoring_elements 0.38127
published_at 2026-04-09T12:55:00Z
8
value 0.00169
scoring_system epss
scoring_elements 0.38119
published_at 2026-04-08T12:55:00Z
9
value 0.00169
scoring_system epss
scoring_elements 0.38199
published_at 2026-04-04T12:55:00Z
10
value 0.00169
scoring_system epss
scoring_elements 0.38069
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-40957
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3266
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3266
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40956
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40956
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40957
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40957
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40958
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40958
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40959
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40960
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40962
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40962
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2128796
reference_id 2128796
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2128796
10
reference_url https://security.gentoo.org/glsa/202209-18
reference_id GLSA-202209-18
reference_type
scores
url https://security.gentoo.org/glsa/202209-18
11
reference_url https://security.gentoo.org/glsa/202209-27
reference_id GLSA-202209-27
reference_type
scores
url https://security.gentoo.org/glsa/202209-27
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-40
reference_id mfsa2022-40
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-40
13
reference_url https://www.mozilla.org/security/advisories/mfsa2022-40/
reference_id mfsa2022-40
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T16:09:12Z/
url https://www.mozilla.org/security/advisories/mfsa2022-40/
14
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-41
reference_id mfsa2022-41
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-41
15
reference_url https://www.mozilla.org/security/advisories/mfsa2022-41/
reference_id mfsa2022-41
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T16:09:12Z/
url https://www.mozilla.org/security/advisories/mfsa2022-41/
16
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-42
reference_id mfsa2022-42
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-42
17
reference_url https://www.mozilla.org/security/advisories/mfsa2022-42/
reference_id mfsa2022-42
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T16:09:12Z/
url https://www.mozilla.org/security/advisories/mfsa2022-42/
18
reference_url https://access.redhat.com/errata/RHSA-2022:6700
reference_id RHSA-2022:6700
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6700
19
reference_url https://access.redhat.com/errata/RHSA-2022:6701
reference_id RHSA-2022:6701
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6701
20
reference_url https://access.redhat.com/errata/RHSA-2022:6702
reference_id RHSA-2022:6702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6702
21
reference_url https://access.redhat.com/errata/RHSA-2022:6703
reference_id RHSA-2022:6703
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6703
22
reference_url https://access.redhat.com/errata/RHSA-2022:6707
reference_id RHSA-2022:6707
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6707
23
reference_url https://access.redhat.com/errata/RHSA-2022:6708
reference_id RHSA-2022:6708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6708
24
reference_url https://access.redhat.com/errata/RHSA-2022:6710
reference_id RHSA-2022:6710
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6710
25
reference_url https://access.redhat.com/errata/RHSA-2022:6711
reference_id RHSA-2022:6711
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6711
26
reference_url https://access.redhat.com/errata/RHSA-2022:6713
reference_id RHSA-2022:6713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6713
27
reference_url https://access.redhat.com/errata/RHSA-2022:6715
reference_id RHSA-2022:6715
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6715
28
reference_url https://access.redhat.com/errata/RHSA-2022:6716
reference_id RHSA-2022:6716
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6716
29
reference_url https://access.redhat.com/errata/RHSA-2022:6717
reference_id RHSA-2022:6717
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6717
30
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1777604
reference_id show_bug.cgi?id=1777604
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T16:09:12Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1777604
31
reference_url https://usn.ubuntu.com/5649-1/
reference_id USN-5649-1
reference_type
scores
url https://usn.ubuntu.com/5649-1/
32
reference_url https://usn.ubuntu.com/5724-1/
reference_id USN-5724-1
reference_type
scores
url https://usn.ubuntu.com/5724-1/
fixed_packages
aliases CVE-2022-40957
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-135c-h34e-tye5
1
url VCID-1jvh-anus-rfeg
vulnerability_id VCID-1jvh-anus-rfeg
summary When receiving an HTML email that specified to load an iframe element from a remote location, a request to the remote document was sent. However, Thunderbird didn't display the document.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3034.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3034.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-3034
reference_id
reference_type
scores
0
value 0.00213
scoring_system epss
scoring_elements 0.43811
published_at 2026-04-21T12:55:00Z
1
value 0.00213
scoring_system epss
scoring_elements 0.43878
published_at 2026-04-18T12:55:00Z
2
value 0.00213
scoring_system epss
scoring_elements 0.4385
published_at 2026-04-02T12:55:00Z
3
value 0.00213
scoring_system epss
scoring_elements 0.43886
published_at 2026-04-16T12:55:00Z
4
value 0.00213
scoring_system epss
scoring_elements 0.43825
published_at 2026-04-13T12:55:00Z
5
value 0.00213
scoring_system epss
scoring_elements 0.43843
published_at 2026-04-12T12:55:00Z
6
value 0.00213
scoring_system epss
scoring_elements 0.43875
published_at 2026-04-11T12:55:00Z
7
value 0.00213
scoring_system epss
scoring_elements 0.43804
published_at 2026-04-07T12:55:00Z
8
value 0.00213
scoring_system epss
scoring_elements 0.43854
published_at 2026-04-08T12:55:00Z
9
value 0.00213
scoring_system epss
scoring_elements 0.43857
published_at 2026-04-09T12:55:00Z
10
value 0.00213
scoring_system epss
scoring_elements 0.43874
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-3034
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2123257
reference_id 2123257
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2123257
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-38
reference_id mfsa2022-38
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-38
5
reference_url https://www.mozilla.org/security/advisories/mfsa2022-38/
reference_id mfsa2022-38
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:59:36Z/
url https://www.mozilla.org/security/advisories/mfsa2022-38/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-39
reference_id mfsa2022-39
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-39
7
reference_url https://www.mozilla.org/security/advisories/mfsa2022-39/
reference_id mfsa2022-39
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:59:36Z/
url https://www.mozilla.org/security/advisories/mfsa2022-39/
8
reference_url https://access.redhat.com/errata/RHSA-2022:6708
reference_id RHSA-2022:6708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6708
9
reference_url https://access.redhat.com/errata/RHSA-2022:6710
reference_id RHSA-2022:6710
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6710
10
reference_url https://access.redhat.com/errata/RHSA-2022:6713
reference_id RHSA-2022:6713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6713
11
reference_url https://access.redhat.com/errata/RHSA-2022:6715
reference_id RHSA-2022:6715
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6715
12
reference_url https://access.redhat.com/errata/RHSA-2022:6716
reference_id RHSA-2022:6716
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6716
13
reference_url https://access.redhat.com/errata/RHSA-2022:6717
reference_id RHSA-2022:6717
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6717
14
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1745751
reference_id show_bug.cgi?id=1745751
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:59:36Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1745751
15
reference_url https://usn.ubuntu.com/5663-1/
reference_id USN-5663-1
reference_type
scores
url https://usn.ubuntu.com/5663-1/
fixed_packages
aliases CVE-2022-3034
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1jvh-anus-rfeg
2
url VCID-4m2d-td6c-ukd4
vulnerability_id VCID-4m2d-td6c-ukd4
summary Multiple vulnerabilities have been found in Mozilla Thunderbird, the world of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40958.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40958.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-40958
reference_id
reference_type
scores
0
value 0.0037
scoring_system epss
scoring_elements 0.58872
published_at 2026-04-21T12:55:00Z
1
value 0.0037
scoring_system epss
scoring_elements 0.58894
published_at 2026-04-18T12:55:00Z
2
value 0.0037
scoring_system epss
scoring_elements 0.58826
published_at 2026-04-02T12:55:00Z
3
value 0.0037
scoring_system epss
scoring_elements 0.58889
published_at 2026-04-16T12:55:00Z
4
value 0.0037
scoring_system epss
scoring_elements 0.58856
published_at 2026-04-13T12:55:00Z
5
value 0.0037
scoring_system epss
scoring_elements 0.58893
published_at 2026-04-11T12:55:00Z
6
value 0.0037
scoring_system epss
scoring_elements 0.58875
published_at 2026-04-12T12:55:00Z
7
value 0.0037
scoring_system epss
scoring_elements 0.58869
published_at 2026-04-08T12:55:00Z
8
value 0.0037
scoring_system epss
scoring_elements 0.58849
published_at 2026-04-04T12:55:00Z
9
value 0.0037
scoring_system epss
scoring_elements 0.58817
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-40958
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3266
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3266
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40956
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40956
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40957
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40957
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40958
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40958
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40959
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40960
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40962
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40962
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2128794
reference_id 2128794
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2128794
10
reference_url https://security.gentoo.org/glsa/202209-18
reference_id GLSA-202209-18
reference_type
scores
url https://security.gentoo.org/glsa/202209-18
11
reference_url https://security.gentoo.org/glsa/202209-27
reference_id GLSA-202209-27
reference_type
scores
url https://security.gentoo.org/glsa/202209-27
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-40
reference_id mfsa2022-40
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-40
13
reference_url https://www.mozilla.org/security/advisories/mfsa2022-40/
reference_id mfsa2022-40
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T14:54:50Z/
url https://www.mozilla.org/security/advisories/mfsa2022-40/
14
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-41
reference_id mfsa2022-41
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-41
15
reference_url https://www.mozilla.org/security/advisories/mfsa2022-41/
reference_id mfsa2022-41
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T14:54:50Z/
url https://www.mozilla.org/security/advisories/mfsa2022-41/
16
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-42
reference_id mfsa2022-42
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-42
17
reference_url https://www.mozilla.org/security/advisories/mfsa2022-42/
reference_id mfsa2022-42
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T14:54:50Z/
url https://www.mozilla.org/security/advisories/mfsa2022-42/
18
reference_url https://access.redhat.com/errata/RHSA-2022:6700
reference_id RHSA-2022:6700
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6700
19
reference_url https://access.redhat.com/errata/RHSA-2022:6701
reference_id RHSA-2022:6701
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6701
20
reference_url https://access.redhat.com/errata/RHSA-2022:6702
reference_id RHSA-2022:6702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6702
21
reference_url https://access.redhat.com/errata/RHSA-2022:6703
reference_id RHSA-2022:6703
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6703
22
reference_url https://access.redhat.com/errata/RHSA-2022:6707
reference_id RHSA-2022:6707
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6707
23
reference_url https://access.redhat.com/errata/RHSA-2022:6708
reference_id RHSA-2022:6708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6708
24
reference_url https://access.redhat.com/errata/RHSA-2022:6710
reference_id RHSA-2022:6710
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6710
25
reference_url https://access.redhat.com/errata/RHSA-2022:6711
reference_id RHSA-2022:6711
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6711
26
reference_url https://access.redhat.com/errata/RHSA-2022:6713
reference_id RHSA-2022:6713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6713
27
reference_url https://access.redhat.com/errata/RHSA-2022:6715
reference_id RHSA-2022:6715
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6715
28
reference_url https://access.redhat.com/errata/RHSA-2022:6716
reference_id RHSA-2022:6716
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6716
29
reference_url https://access.redhat.com/errata/RHSA-2022:6717
reference_id RHSA-2022:6717
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6717
30
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1779993
reference_id show_bug.cgi?id=1779993
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T14:54:50Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1779993
31
reference_url https://usn.ubuntu.com/5649-1/
reference_id USN-5649-1
reference_type
scores
url https://usn.ubuntu.com/5649-1/
32
reference_url https://usn.ubuntu.com/5724-1/
reference_id USN-5724-1
reference_type
scores
url https://usn.ubuntu.com/5724-1/
fixed_packages
aliases CVE-2022-40958
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4m2d-td6c-ukd4
3
url VCID-6dgw-qbue-nqax
vulnerability_id VCID-6dgw-qbue-nqax
summary 
If a Thunderbird user replied to a crafted HTML email containing a meta tag, with the meta tag
having the http-equiv="refresh" attribute, and the content attribute specifying an URL, then
Thunderbird started a network request to that URL, regardless of the configuration to block
remote content. In combination with certain other HTML elements and attributes in the email,
it was possible to execute JavaScript code included in the message in the context of the
message compose document. 
The JavaScript code was able to perform actions including, but probably not limited
to, read and modify the contents of the message compose document, including the quoted
original message, which could potentially contain the decrypted plaintext of encrypted data 
in the crafted email.
The contents could then be transmitted to the network, either to the URL specified in the META refresh tag,
or to a different URL, as the JavaScript code could modify the URL specified in the document.
This bug doesn't affect users who have changed the default Message Body display setting to
'simple html' or 'plain text'.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3033.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3033.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-3033
reference_id
reference_type
scores
0
value 0.00742
scoring_system epss
scoring_elements 0.73007
published_at 2026-04-21T12:55:00Z
1
value 0.00742
scoring_system epss
scoring_elements 0.73014
published_at 2026-04-18T12:55:00Z
2
value 0.00742
scoring_system epss
scoring_elements 0.72917
published_at 2026-04-02T12:55:00Z
3
value 0.00742
scoring_system epss
scoring_elements 0.73004
published_at 2026-04-16T12:55:00Z
4
value 0.00742
scoring_system epss
scoring_elements 0.72962
published_at 2026-04-13T12:55:00Z
5
value 0.00742
scoring_system epss
scoring_elements 0.72969
published_at 2026-04-12T12:55:00Z
6
value 0.00742
scoring_system epss
scoring_elements 0.72989
published_at 2026-04-11T12:55:00Z
7
value 0.00742
scoring_system epss
scoring_elements 0.72912
published_at 2026-04-07T12:55:00Z
8
value 0.00742
scoring_system epss
scoring_elements 0.7295
published_at 2026-04-08T12:55:00Z
9
value 0.00742
scoring_system epss
scoring_elements 0.72964
published_at 2026-04-09T12:55:00Z
10
value 0.00742
scoring_system epss
scoring_elements 0.72937
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-3033
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2123256
reference_id 2123256
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2123256
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-38
reference_id mfsa2022-38
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-38
5
reference_url https://www.mozilla.org/security/advisories/mfsa2022-38/
reference_id mfsa2022-38
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T16:16:03Z/
url https://www.mozilla.org/security/advisories/mfsa2022-38/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-39
reference_id mfsa2022-39
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-39
7
reference_url https://www.mozilla.org/security/advisories/mfsa2022-39/
reference_id mfsa2022-39
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T16:16:03Z/
url https://www.mozilla.org/security/advisories/mfsa2022-39/
8
reference_url https://access.redhat.com/errata/RHSA-2022:6708
reference_id RHSA-2022:6708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6708
9
reference_url https://access.redhat.com/errata/RHSA-2022:6710
reference_id RHSA-2022:6710
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6710
10
reference_url https://access.redhat.com/errata/RHSA-2022:6713
reference_id RHSA-2022:6713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6713
11
reference_url https://access.redhat.com/errata/RHSA-2022:6715
reference_id RHSA-2022:6715
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6715
12
reference_url https://access.redhat.com/errata/RHSA-2022:6716
reference_id RHSA-2022:6716
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6716
13
reference_url https://access.redhat.com/errata/RHSA-2022:6717
reference_id RHSA-2022:6717
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6717
14
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1784838
reference_id show_bug.cgi?id=1784838
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T16:16:03Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1784838
15
reference_url https://usn.ubuntu.com/5663-1/
reference_id USN-5663-1
reference_type
scores
url https://usn.ubuntu.com/5663-1/
fixed_packages
aliases CVE-2022-3033
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6dgw-qbue-nqax
4
url VCID-bxrh-7kwf-p3at
vulnerability_id VCID-bxrh-7kwf-p3at
summary Multiple vulnerabilities have been found in Mozilla Thunderbird, the world of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40956.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40956.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-40956
reference_id
reference_type
scores
0
value 0.00241
scoring_system epss
scoring_elements 0.47371
published_at 2026-04-21T12:55:00Z
1
value 0.00241
scoring_system epss
scoring_elements 0.47419
published_at 2026-04-18T12:55:00Z
2
value 0.00241
scoring_system epss
scoring_elements 0.4734
published_at 2026-04-02T12:55:00Z
3
value 0.00241
scoring_system epss
scoring_elements 0.47426
published_at 2026-04-16T12:55:00Z
4
value 0.00241
scoring_system epss
scoring_elements 0.47367
published_at 2026-04-13T12:55:00Z
5
value 0.00241
scoring_system epss
scoring_elements 0.4736
published_at 2026-04-12T12:55:00Z
6
value 0.00241
scoring_system epss
scoring_elements 0.47385
published_at 2026-04-11T12:55:00Z
7
value 0.00241
scoring_system epss
scoring_elements 0.47364
published_at 2026-04-08T12:55:00Z
8
value 0.00241
scoring_system epss
scoring_elements 0.47361
published_at 2026-04-09T12:55:00Z
9
value 0.00241
scoring_system epss
scoring_elements 0.47308
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-40956
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3266
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3266
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40956
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40956
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40957
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40957
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40958
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40958
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40959
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40960
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40962
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40962
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2128795
reference_id 2128795
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2128795
10
reference_url https://security.gentoo.org/glsa/202209-18
reference_id GLSA-202209-18
reference_type
scores
url https://security.gentoo.org/glsa/202209-18
11
reference_url https://security.gentoo.org/glsa/202209-27
reference_id GLSA-202209-27
reference_type
scores
url https://security.gentoo.org/glsa/202209-27
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-40
reference_id mfsa2022-40
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-40
13
reference_url https://www.mozilla.org/security/advisories/mfsa2022-40/
reference_id mfsa2022-40
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T16:10:59Z/
url https://www.mozilla.org/security/advisories/mfsa2022-40/
14
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-41
reference_id mfsa2022-41
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-41
15
reference_url https://www.mozilla.org/security/advisories/mfsa2022-41/
reference_id mfsa2022-41
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T16:10:59Z/
url https://www.mozilla.org/security/advisories/mfsa2022-41/
16
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-42
reference_id mfsa2022-42
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-42
17
reference_url https://www.mozilla.org/security/advisories/mfsa2022-42/
reference_id mfsa2022-42
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T16:10:59Z/
url https://www.mozilla.org/security/advisories/mfsa2022-42/
18
reference_url https://access.redhat.com/errata/RHSA-2022:6700
reference_id RHSA-2022:6700
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6700
19
reference_url https://access.redhat.com/errata/RHSA-2022:6701
reference_id RHSA-2022:6701
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6701
20
reference_url https://access.redhat.com/errata/RHSA-2022:6702
reference_id RHSA-2022:6702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6702
21
reference_url https://access.redhat.com/errata/RHSA-2022:6703
reference_id RHSA-2022:6703
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6703
22
reference_url https://access.redhat.com/errata/RHSA-2022:6707
reference_id RHSA-2022:6707
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6707
23
reference_url https://access.redhat.com/errata/RHSA-2022:6708
reference_id RHSA-2022:6708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6708
24
reference_url https://access.redhat.com/errata/RHSA-2022:6710
reference_id RHSA-2022:6710
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6710
25
reference_url https://access.redhat.com/errata/RHSA-2022:6711
reference_id RHSA-2022:6711
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6711
26
reference_url https://access.redhat.com/errata/RHSA-2022:6713
reference_id RHSA-2022:6713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6713
27
reference_url https://access.redhat.com/errata/RHSA-2022:6715
reference_id RHSA-2022:6715
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6715
28
reference_url https://access.redhat.com/errata/RHSA-2022:6716
reference_id RHSA-2022:6716
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6716
29
reference_url https://access.redhat.com/errata/RHSA-2022:6717
reference_id RHSA-2022:6717
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6717
30
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1770094
reference_id show_bug.cgi?id=1770094
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T16:10:59Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1770094
31
reference_url https://usn.ubuntu.com/5649-1/
reference_id USN-5649-1
reference_type
scores
url https://usn.ubuntu.com/5649-1/
32
reference_url https://usn.ubuntu.com/5724-1/
reference_id USN-5724-1
reference_type
scores
url https://usn.ubuntu.com/5724-1/
fixed_packages
aliases CVE-2022-40956
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bxrh-7kwf-p3at
5
url VCID-c5b5-beuj-z3gh
vulnerability_id VCID-c5b5-beuj-z3gh
summary Multiple vulnerabilities have been found in Mozilla Thunderbird, the world of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40959.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40959.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-40959
reference_id
reference_type
scores
0
value 0.00133
scoring_system epss
scoring_elements 0.32871
published_at 2026-04-21T12:55:00Z
1
value 0.00133
scoring_system epss
scoring_elements 0.32907
published_at 2026-04-18T12:55:00Z
2
value 0.00133
scoring_system epss
scoring_elements 0.3301
published_at 2026-04-02T12:55:00Z
3
value 0.00133
scoring_system epss
scoring_elements 0.32929
published_at 2026-04-16T12:55:00Z
4
value 0.00133
scoring_system epss
scoring_elements 0.32889
published_at 2026-04-13T12:55:00Z
5
value 0.00133
scoring_system epss
scoring_elements 0.32915
published_at 2026-04-12T12:55:00Z
6
value 0.00133
scoring_system epss
scoring_elements 0.32953
published_at 2026-04-11T12:55:00Z
7
value 0.00133
scoring_system epss
scoring_elements 0.3295
published_at 2026-04-09T12:55:00Z
8
value 0.00133
scoring_system epss
scoring_elements 0.3292
published_at 2026-04-08T12:55:00Z
9
value 0.00133
scoring_system epss
scoring_elements 0.33044
published_at 2026-04-04T12:55:00Z
10
value 0.00133
scoring_system epss
scoring_elements 0.32873
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-40959
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3266
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3266
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40956
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40956
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40957
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40957
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40958
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40958
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40959
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40960
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40962
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40962
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2128792
reference_id 2128792
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2128792
10
reference_url https://security.gentoo.org/glsa/202209-18
reference_id GLSA-202209-18
reference_type
scores
url https://security.gentoo.org/glsa/202209-18
11
reference_url https://security.gentoo.org/glsa/202209-27
reference_id GLSA-202209-27
reference_type
scores
url https://security.gentoo.org/glsa/202209-27
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-40
reference_id mfsa2022-40
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-40
13
reference_url https://www.mozilla.org/security/advisories/mfsa2022-40/
reference_id mfsa2022-40
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T14:53:23Z/
url https://www.mozilla.org/security/advisories/mfsa2022-40/
14
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-41
reference_id mfsa2022-41
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-41
15
reference_url https://www.mozilla.org/security/advisories/mfsa2022-41/
reference_id mfsa2022-41
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T14:53:23Z/
url https://www.mozilla.org/security/advisories/mfsa2022-41/
16
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-42
reference_id mfsa2022-42
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-42
17
reference_url https://www.mozilla.org/security/advisories/mfsa2022-42/
reference_id mfsa2022-42
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T14:53:23Z/
url https://www.mozilla.org/security/advisories/mfsa2022-42/
18
reference_url https://access.redhat.com/errata/RHSA-2022:6700
reference_id RHSA-2022:6700
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6700
19
reference_url https://access.redhat.com/errata/RHSA-2022:6701
reference_id RHSA-2022:6701
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6701
20
reference_url https://access.redhat.com/errata/RHSA-2022:6702
reference_id RHSA-2022:6702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6702
21
reference_url https://access.redhat.com/errata/RHSA-2022:6703
reference_id RHSA-2022:6703
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6703
22
reference_url https://access.redhat.com/errata/RHSA-2022:6707
reference_id RHSA-2022:6707
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6707
23
reference_url https://access.redhat.com/errata/RHSA-2022:6708
reference_id RHSA-2022:6708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6708
24
reference_url https://access.redhat.com/errata/RHSA-2022:6710
reference_id RHSA-2022:6710
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6710
25
reference_url https://access.redhat.com/errata/RHSA-2022:6711
reference_id RHSA-2022:6711
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6711
26
reference_url https://access.redhat.com/errata/RHSA-2022:6713
reference_id RHSA-2022:6713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6713
27
reference_url https://access.redhat.com/errata/RHSA-2022:6715
reference_id RHSA-2022:6715
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6715
28
reference_url https://access.redhat.com/errata/RHSA-2022:6716
reference_id RHSA-2022:6716
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6716
29
reference_url https://access.redhat.com/errata/RHSA-2022:6717
reference_id RHSA-2022:6717
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6717
30
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1782211
reference_id show_bug.cgi?id=1782211
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T14:53:23Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1782211
31
reference_url https://usn.ubuntu.com/5649-1/
reference_id USN-5649-1
reference_type
scores
url https://usn.ubuntu.com/5649-1/
32
reference_url https://usn.ubuntu.com/5724-1/
reference_id USN-5724-1
reference_type
scores
url https://usn.ubuntu.com/5724-1/
fixed_packages
aliases CVE-2022-40959
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c5b5-beuj-z3gh
6
url VCID-cw2e-p5x2-j7fu
vulnerability_id VCID-cw2e-p5x2-j7fu
summary 
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 19.4.0 events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data safely. Note that the matrix-js-sdk can appear to be operating normally but be excluding or corrupting runtime data presented to the consumer. This issue has been fixed in matrix-js-sdk 19.4.0 and users are advised to upgrade. Users unable to upgrade may mitigate this issue by redacting applicable events, waiting for the sync processor to store data, and restarting the client. Alternatively, redacting the applicable events and clearing all storage will often fix most perceived issues. In some cases, no workarounds are possible.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36059.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36059.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-36059
reference_id
reference_type
scores
0
value 0.00567
scoring_system epss
scoring_elements 0.68517
published_at 2026-04-21T12:55:00Z
1
value 0.00567
scoring_system epss
scoring_elements 0.68538
published_at 2026-04-18T12:55:00Z
2
value 0.00567
scoring_system epss
scoring_elements 0.68525
published_at 2026-04-16T12:55:00Z
3
value 0.00567
scoring_system epss
scoring_elements 0.68486
published_at 2026-04-13T12:55:00Z
4
value 0.00567
scoring_system epss
scoring_elements 0.68518
published_at 2026-04-12T12:55:00Z
5
value 0.00567
scoring_system epss
scoring_elements 0.6853
published_at 2026-04-11T12:55:00Z
6
value 0.00567
scoring_system epss
scoring_elements 0.68504
published_at 2026-04-09T12:55:00Z
7
value 0.00567
scoring_system epss
scoring_elements 0.68487
published_at 2026-04-08T12:55:00Z
8
value 0.00567
scoring_system epss
scoring_elements 0.68437
published_at 2026-04-07T12:55:00Z
9
value 0.00567
scoring_system epss
scoring_elements 0.6846
published_at 2026-04-04T12:55:00Z
10
value 0.00567
scoring_system epss
scoring_elements 0.68441
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-36059
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36059
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36059
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/matrix-org/matrix-js-sdk
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/matrix-org/matrix-js-sdk
5
reference_url https://github.com/matrix-org/matrix-js-sdk/releases/tag/v19.4.0
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/matrix-org/matrix-js-sdk/releases/tag/v19.4.0
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018970
reference_id 1018970
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018970
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2123258
reference_id 2123258
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2123258
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-36059
reference_id CVE-2022-36059
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-36059
9
reference_url https://github.com/advisories/GHSA-rfv9-x7hh-xc32
reference_id GHSA-rfv9-x7hh-xc32
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rfv9-x7hh-xc32
10
reference_url https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-rfv9-x7hh-xc32
reference_id GHSA-rfv9-x7hh-xc32
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:05:25Z/
url https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-rfv9-x7hh-xc32
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-38
reference_id mfsa2022-38
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-38
12
reference_url https://access.redhat.com/errata/RHSA-2022:6708
reference_id RHSA-2022:6708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6708
13
reference_url https://access.redhat.com/errata/RHSA-2022:6710
reference_id RHSA-2022:6710
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6710
14
reference_url https://access.redhat.com/errata/RHSA-2022:6713
reference_id RHSA-2022:6713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6713
15
reference_url https://access.redhat.com/errata/RHSA-2022:6715
reference_id RHSA-2022:6715
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6715
16
reference_url https://access.redhat.com/errata/RHSA-2022:6716
reference_id RHSA-2022:6716
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6716
17
reference_url https://access.redhat.com/errata/RHSA-2022:6717
reference_id RHSA-2022:6717
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6717
18
reference_url https://usn.ubuntu.com/5663-1/
reference_id USN-5663-1
reference_type
scores
url https://usn.ubuntu.com/5663-1/
fixed_packages
aliases CVE-2022-36059, GHSA-rfv9-x7hh-xc32
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cw2e-p5x2-j7fu
7
url VCID-kf1h-zg32-1yh4
vulnerability_id VCID-kf1h-zg32-1yh4
summary Multiple vulnerabilities have been found in Mozilla Thunderbird, the world of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40960.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40960.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-40960
reference_id
reference_type
scores
0
value 0.00159
scoring_system epss
scoring_elements 0.36736
published_at 2026-04-21T12:55:00Z
1
value 0.00159
scoring_system epss
scoring_elements 0.36795
published_at 2026-04-18T12:55:00Z
2
value 0.00159
scoring_system epss
scoring_elements 0.36887
published_at 2026-04-02T12:55:00Z
3
value 0.00159
scoring_system epss
scoring_elements 0.36812
published_at 2026-04-16T12:55:00Z
4
value 0.00159
scoring_system epss
scoring_elements 0.36766
published_at 2026-04-13T12:55:00Z
5
value 0.00159
scoring_system epss
scoring_elements 0.36791
published_at 2026-04-12T12:55:00Z
6
value 0.00159
scoring_system epss
scoring_elements 0.36826
published_at 2026-04-11T12:55:00Z
7
value 0.00159
scoring_system epss
scoring_elements 0.36817
published_at 2026-04-09T12:55:00Z
8
value 0.00159
scoring_system epss
scoring_elements 0.36802
published_at 2026-04-08T12:55:00Z
9
value 0.00159
scoring_system epss
scoring_elements 0.36918
published_at 2026-04-04T12:55:00Z
10
value 0.00159
scoring_system epss
scoring_elements 0.36751
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-40960
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3266
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3266
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40956
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40956
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40957
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40957
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40958
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40958
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40959
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40960
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40962
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40962
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2128793
reference_id 2128793
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2128793
10
reference_url https://security.gentoo.org/glsa/202209-18
reference_id GLSA-202209-18
reference_type
scores
url https://security.gentoo.org/glsa/202209-18
11
reference_url https://security.gentoo.org/glsa/202209-27
reference_id GLSA-202209-27
reference_type
scores
url https://security.gentoo.org/glsa/202209-27
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-40
reference_id mfsa2022-40
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-40
13
reference_url https://www.mozilla.org/security/advisories/mfsa2022-40/
reference_id mfsa2022-40
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T14:51:26Z/
url https://www.mozilla.org/security/advisories/mfsa2022-40/
14
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-41
reference_id mfsa2022-41
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-41
15
reference_url https://www.mozilla.org/security/advisories/mfsa2022-41/
reference_id mfsa2022-41
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T14:51:26Z/
url https://www.mozilla.org/security/advisories/mfsa2022-41/
16
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-42
reference_id mfsa2022-42
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-42
17
reference_url https://www.mozilla.org/security/advisories/mfsa2022-42/
reference_id mfsa2022-42
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T14:51:26Z/
url https://www.mozilla.org/security/advisories/mfsa2022-42/
18
reference_url https://access.redhat.com/errata/RHSA-2022:6700
reference_id RHSA-2022:6700
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6700
19
reference_url https://access.redhat.com/errata/RHSA-2022:6701
reference_id RHSA-2022:6701
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6701
20
reference_url https://access.redhat.com/errata/RHSA-2022:6702
reference_id RHSA-2022:6702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6702
21
reference_url https://access.redhat.com/errata/RHSA-2022:6703
reference_id RHSA-2022:6703
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6703
22
reference_url https://access.redhat.com/errata/RHSA-2022:6707
reference_id RHSA-2022:6707
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6707
23
reference_url https://access.redhat.com/errata/RHSA-2022:6708
reference_id RHSA-2022:6708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6708
24
reference_url https://access.redhat.com/errata/RHSA-2022:6710
reference_id RHSA-2022:6710
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6710
25
reference_url https://access.redhat.com/errata/RHSA-2022:6711
reference_id RHSA-2022:6711
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6711
26
reference_url https://access.redhat.com/errata/RHSA-2022:6713
reference_id RHSA-2022:6713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6713
27
reference_url https://access.redhat.com/errata/RHSA-2022:6715
reference_id RHSA-2022:6715
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6715
28
reference_url https://access.redhat.com/errata/RHSA-2022:6716
reference_id RHSA-2022:6716
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6716
29
reference_url https://access.redhat.com/errata/RHSA-2022:6717
reference_id RHSA-2022:6717
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6717
30
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1787633
reference_id show_bug.cgi?id=1787633
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T14:51:26Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1787633
31
reference_url https://usn.ubuntu.com/5649-1/
reference_id USN-5649-1
reference_type
scores
url https://usn.ubuntu.com/5649-1/
32
reference_url https://usn.ubuntu.com/5724-1/
reference_id USN-5724-1
reference_type
scores
url https://usn.ubuntu.com/5724-1/
fixed_packages
aliases CVE-2022-40960
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kf1h-zg32-1yh4
8
url VCID-mup7-wezz-gkgc
vulnerability_id VCID-mup7-wezz-gkgc
summary When receiving an HTML email that contained an iframe element, which used a srcdoc attribute to define the inner HTML document, remote objects specified in the nested document, for example images or videos, were not blocked. Rather, the network was accessed, the objects were loaded and displayed.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3032.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3032.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-3032
reference_id
reference_type
scores
0
value 0.00407
scoring_system epss
scoring_elements 0.6117
published_at 2026-04-21T12:55:00Z
1
value 0.00407
scoring_system epss
scoring_elements 0.61155
published_at 2026-04-09T12:55:00Z
2
value 0.00407
scoring_system epss
scoring_elements 0.61175
published_at 2026-04-11T12:55:00Z
3
value 0.00407
scoring_system epss
scoring_elements 0.61162
published_at 2026-04-12T12:55:00Z
4
value 0.00407
scoring_system epss
scoring_elements 0.61143
published_at 2026-04-13T12:55:00Z
5
value 0.00407
scoring_system epss
scoring_elements 0.61183
published_at 2026-04-16T12:55:00Z
6
value 0.00407
scoring_system epss
scoring_elements 0.61189
published_at 2026-04-18T12:55:00Z
7
value 0.00407
scoring_system epss
scoring_elements 0.61097
published_at 2026-04-02T12:55:00Z
8
value 0.00407
scoring_system epss
scoring_elements 0.61125
published_at 2026-04-04T12:55:00Z
9
value 0.00407
scoring_system epss
scoring_elements 0.61091
published_at 2026-04-07T12:55:00Z
10
value 0.00407
scoring_system epss
scoring_elements 0.61139
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-3032
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2123255
reference_id 2123255
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2123255
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-38
reference_id mfsa2022-38
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-38
5
reference_url https://www.mozilla.org/security/advisories/mfsa2022-38/
reference_id mfsa2022-38
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-09T19:56:21Z/
url https://www.mozilla.org/security/advisories/mfsa2022-38/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-39
reference_id mfsa2022-39
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-39
7
reference_url https://www.mozilla.org/security/advisories/mfsa2022-39/
reference_id mfsa2022-39
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-09T19:56:21Z/
url https://www.mozilla.org/security/advisories/mfsa2022-39/
8
reference_url https://access.redhat.com/errata/RHSA-2022:6708
reference_id RHSA-2022:6708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6708
9
reference_url https://access.redhat.com/errata/RHSA-2022:6710
reference_id RHSA-2022:6710
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6710
10
reference_url https://access.redhat.com/errata/RHSA-2022:6713
reference_id RHSA-2022:6713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6713
11
reference_url https://access.redhat.com/errata/RHSA-2022:6715
reference_id RHSA-2022:6715
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6715
12
reference_url https://access.redhat.com/errata/RHSA-2022:6716
reference_id RHSA-2022:6716
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6716
13
reference_url https://access.redhat.com/errata/RHSA-2022:6717
reference_id RHSA-2022:6717
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6717
14
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1783831
reference_id show_bug.cgi?id=1783831
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-09T19:56:21Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1783831
15
reference_url https://usn.ubuntu.com/5663-1/
reference_id USN-5663-1
reference_type
scores
url https://usn.ubuntu.com/5663-1/
fixed_packages
aliases CVE-2022-3032
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mup7-wezz-gkgc
9
url VCID-qy44-ubss-x7et
vulnerability_id VCID-qy44-ubss-x7et
summary Multiple vulnerabilities have been found in Mozilla Thunderbird, the world of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40962.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40962.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-40962
reference_id
reference_type
scores
0
value 0.00275
scoring_system epss
scoring_elements 0.51042
published_at 2026-04-21T12:55:00Z
1
value 0.00275
scoring_system epss
scoring_elements 0.51064
published_at 2026-04-18T12:55:00Z
2
value 0.00275
scoring_system epss
scoring_elements 0.50979
published_at 2026-04-02T12:55:00Z
3
value 0.00275
scoring_system epss
scoring_elements 0.5102
published_at 2026-04-13T12:55:00Z
4
value 0.00275
scoring_system epss
scoring_elements 0.51037
published_at 2026-04-12T12:55:00Z
5
value 0.00275
scoring_system epss
scoring_elements 0.51058
published_at 2026-04-16T12:55:00Z
6
value 0.00275
scoring_system epss
scoring_elements 0.51016
published_at 2026-04-09T12:55:00Z
7
value 0.00275
scoring_system epss
scoring_elements 0.51019
published_at 2026-04-08T12:55:00Z
8
value 0.00275
scoring_system epss
scoring_elements 0.51004
published_at 2026-04-04T12:55:00Z
9
value 0.00275
scoring_system epss
scoring_elements 0.50962
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-40962
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3266
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3266
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40956
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40956
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40957
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40957
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40958
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40958
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40959
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40960
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40962
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40962
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2128797
reference_id 2128797
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2128797
10
reference_url https://bugzilla.mozilla.org/buglist.cgi?bug_id=1776655%2C1777574%2C1784835%2C1785109%2C1786502%2C1789440
reference_id buglist.cgi?bug_id=1776655%2C1777574%2C1784835%2C1785109%2C1786502%2C1789440
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T14:48:20Z/
url https://bugzilla.mozilla.org/buglist.cgi?bug_id=1776655%2C1777574%2C1784835%2C1785109%2C1786502%2C1789440
11
reference_url https://security.gentoo.org/glsa/202209-18
reference_id GLSA-202209-18
reference_type
scores
url https://security.gentoo.org/glsa/202209-18
12
reference_url https://security.gentoo.org/glsa/202209-27
reference_id GLSA-202209-27
reference_type
scores
url https://security.gentoo.org/glsa/202209-27
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-40
reference_id mfsa2022-40
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-40
14
reference_url https://www.mozilla.org/security/advisories/mfsa2022-40/
reference_id mfsa2022-40
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T14:48:20Z/
url https://www.mozilla.org/security/advisories/mfsa2022-40/
15
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-41
reference_id mfsa2022-41
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-41
16
reference_url https://www.mozilla.org/security/advisories/mfsa2022-41/
reference_id mfsa2022-41
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T14:48:20Z/
url https://www.mozilla.org/security/advisories/mfsa2022-41/
17
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-42
reference_id mfsa2022-42
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-42
18
reference_url https://www.mozilla.org/security/advisories/mfsa2022-42/
reference_id mfsa2022-42
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T14:48:20Z/
url https://www.mozilla.org/security/advisories/mfsa2022-42/
19
reference_url https://access.redhat.com/errata/RHSA-2022:6700
reference_id RHSA-2022:6700
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6700
20
reference_url https://access.redhat.com/errata/RHSA-2022:6701
reference_id RHSA-2022:6701
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6701
21
reference_url https://access.redhat.com/errata/RHSA-2022:6702
reference_id RHSA-2022:6702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6702
22
reference_url https://access.redhat.com/errata/RHSA-2022:6703
reference_id RHSA-2022:6703
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6703
23
reference_url https://access.redhat.com/errata/RHSA-2022:6707
reference_id RHSA-2022:6707
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6707
24
reference_url https://access.redhat.com/errata/RHSA-2022:6708
reference_id RHSA-2022:6708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6708
25
reference_url https://access.redhat.com/errata/RHSA-2022:6710
reference_id RHSA-2022:6710
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6710
26
reference_url https://access.redhat.com/errata/RHSA-2022:6711
reference_id RHSA-2022:6711
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6711
27
reference_url https://access.redhat.com/errata/RHSA-2022:6713
reference_id RHSA-2022:6713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6713
28
reference_url https://access.redhat.com/errata/RHSA-2022:6715
reference_id RHSA-2022:6715
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6715
29
reference_url https://access.redhat.com/errata/RHSA-2022:6716
reference_id RHSA-2022:6716
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6716
30
reference_url https://access.redhat.com/errata/RHSA-2022:6717
reference_id RHSA-2022:6717
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6717
31
reference_url https://usn.ubuntu.com/5649-1/
reference_id USN-5649-1
reference_type
scores
url https://usn.ubuntu.com/5649-1/
32
reference_url https://usn.ubuntu.com/5724-1/
reference_id USN-5724-1
reference_type
scores
url https://usn.ubuntu.com/5724-1/
fixed_packages
aliases CVE-2022-40962
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qy44-ubss-x7et
10
url VCID-uvzd-dxhu-hydg
vulnerability_id VCID-uvzd-dxhu-hydg
summary An out-of-bounds read can occur when decoding H264 video. This results in a potentially exploitable crash.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3266.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3266.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-3266
reference_id
reference_type
scores
0
value 0.00092
scoring_system epss
scoring_elements 0.2584
published_at 2026-04-21T12:55:00Z
1
value 0.00092
scoring_system epss
scoring_elements 0.2587
published_at 2026-04-18T12:55:00Z
2
value 0.00092
scoring_system epss
scoring_elements 0.2605
published_at 2026-04-02T12:55:00Z
3
value 0.00092
scoring_system epss
scoring_elements 0.25888
published_at 2026-04-16T12:55:00Z
4
value 0.00092
scoring_system epss
scoring_elements 0.25885
published_at 2026-04-13T12:55:00Z
5
value 0.00092
scoring_system epss
scoring_elements 0.25944
published_at 2026-04-12T12:55:00Z
6
value 0.00092
scoring_system epss
scoring_elements 0.25989
published_at 2026-04-11T12:55:00Z
7
value 0.00092
scoring_system epss
scoring_elements 0.25979
published_at 2026-04-09T12:55:00Z
8
value 0.00092
scoring_system epss
scoring_elements 0.25927
published_at 2026-04-08T12:55:00Z
9
value 0.00092
scoring_system epss
scoring_elements 0.26091
published_at 2026-04-04T12:55:00Z
10
value 0.00092
scoring_system epss
scoring_elements 0.25858
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-3266
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3266
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3266
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40956
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40956
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40957
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40957
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40958
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40958
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40959
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40960
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40962
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40962
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2157739
reference_id 2157739
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2157739
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-40
reference_id mfsa2022-40
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-40
11
reference_url https://www.mozilla.org/security/advisories/mfsa2022-40/
reference_id mfsa2022-40
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:57:13Z/
url https://www.mozilla.org/security/advisories/mfsa2022-40/
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-41
reference_id mfsa2022-41
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-41
13
reference_url https://www.mozilla.org/security/advisories/mfsa2022-41/
reference_id mfsa2022-41
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:57:13Z/
url https://www.mozilla.org/security/advisories/mfsa2022-41/
14
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-42
reference_id mfsa2022-42
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-42
15
reference_url https://www.mozilla.org/security/advisories/mfsa2022-42/
reference_id mfsa2022-42
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:57:13Z/
url https://www.mozilla.org/security/advisories/mfsa2022-42/
16
reference_url https://access.redhat.com/errata/RHSA-2022:6700
reference_id RHSA-2022:6700
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6700
17
reference_url https://access.redhat.com/errata/RHSA-2022:6701
reference_id RHSA-2022:6701
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6701
18
reference_url https://access.redhat.com/errata/RHSA-2022:6702
reference_id RHSA-2022:6702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6702
19
reference_url https://access.redhat.com/errata/RHSA-2022:6703
reference_id RHSA-2022:6703
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6703
20
reference_url https://access.redhat.com/errata/RHSA-2022:6707
reference_id RHSA-2022:6707
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6707
21
reference_url https://access.redhat.com/errata/RHSA-2022:6708
reference_id RHSA-2022:6708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6708
22
reference_url https://access.redhat.com/errata/RHSA-2022:6710
reference_id RHSA-2022:6710
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6710
23
reference_url https://access.redhat.com/errata/RHSA-2022:6711
reference_id RHSA-2022:6711
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6711
24
reference_url https://access.redhat.com/errata/RHSA-2022:6713
reference_id RHSA-2022:6713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6713
25
reference_url https://access.redhat.com/errata/RHSA-2022:6715
reference_id RHSA-2022:6715
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6715
26
reference_url https://access.redhat.com/errata/RHSA-2022:6716
reference_id RHSA-2022:6716
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6716
27
reference_url https://access.redhat.com/errata/RHSA-2022:6717
reference_id RHSA-2022:6717
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6717
28
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1767360
reference_id show_bug.cgi?id=1767360
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:57:13Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1767360
29
reference_url https://usn.ubuntu.com/5649-1/
reference_id USN-5649-1
reference_type
scores
url https://usn.ubuntu.com/5649-1/
30
reference_url https://usn.ubuntu.com/5724-1/
reference_id USN-5724-1
reference_type
scores
url https://usn.ubuntu.com/5724-1/
fixed_packages
aliases CVE-2022-3266
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uvzd-dxhu-hydg
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@102.3.0-3%3Farch=el8_2