{"url":"http://public2.vulnerablecode.io/api/packages/191170?format=json","purl":"pkg:apk/alpine/firefox-esr@91.5.0-r0?arch=armhf&distroversion=v3.23&reponame=community","type":"apk","namespace":"alpine","name":"firefox-esr","version":"91.5.0-r0","qualifiers":{"arch":"armhf","distroversion":"v3.23","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"91.6.0-r0","latest_non_vulnerable_version":"115.6.0-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/173680?format=json","vulnerability_id":"VCID-a1e9-wwg5-juej","summary":"Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22745.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22745.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22745","reference_id":"","reference_type":"","scores":[{"value":"0.00552","scoring_system":"epss","scoring_elements":"0.68495","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2039570","reference_id":"2039570","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2039570"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-01/","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:02:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-02/","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:02:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-03/","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:02:51Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-03/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0123","reference_id":"RHSA-2022:0123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0124","reference_id":"RHSA-2022:0124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0125","reference_id":"RHSA-2022:0125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0126","reference_id":"RHSA-2022:0126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0127","reference_id":"RHSA-2022:0127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0127"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0128","reference_id":"RHSA-2022:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0129","reference_id":"RHSA-2022:0129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0129"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0130","reference_id":"RHSA-2022:0130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0131","reference_id":"RHSA-2022:0131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0132","reference_id":"RHSA-2022:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0132"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1735856","reference_id":"show_bug.cgi?id=1735856","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:02:51Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1735856"},{"reference_url":"https://usn.ubuntu.com/5229-1/","reference_id":"USN-5229-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5229-1/"},{"reference_url":"https://usn.ubuntu.com/5246-1/","reference_id":"USN-5246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5246-1/"},{"reference_url":"https://usn.ubuntu.com/5248-1/","reference_id":"USN-5248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191170?format=json","purl":"pkg:apk/alpine/firefox-esr@91.5.0-r0?arch=armhf&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@91.5.0-r0%3Farch=armhf&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2022-22745"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a1e9-wwg5-juej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/173651?format=json","vulnerability_id":"VCID-c7ad-u6ru-ebg5","summary":"Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22751.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22751.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22751","reference_id":"","reference_type":"","scores":[{"value":"0.00609","scoring_system":"epss","scoring_elements":"0.70218","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2039574","reference_id":"2039574","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2039574"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1664149%2C1737816%2C1739366%2C1740274%2C1740797%2C1741201%2C1741869%2C1743221%2C1743515%2C1745373%2C1746011","reference_id":"buglist.cgi?bug_id=1664149%2C1737816%2C1739366%2C1740274%2C1740797%2C1741201%2C1741869%2C1743221%2C1743515%2C1745373%2C1746011","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:49:31Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1664149%2C1737816%2C1739366%2C1740274%2C1740797%2C1741201%2C1741869%2C1743221%2C1743515%2C1745373%2C1746011"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-01/","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:49:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-02/","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:49:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-03/","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:49:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-03/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0123","reference_id":"RHSA-2022:0123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0124","reference_id":"RHSA-2022:0124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0125","reference_id":"RHSA-2022:0125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0126","reference_id":"RHSA-2022:0126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0127","reference_id":"RHSA-2022:0127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0127"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0128","reference_id":"RHSA-2022:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0129","reference_id":"RHSA-2022:0129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0129"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0130","reference_id":"RHSA-2022:0130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0131","reference_id":"RHSA-2022:0131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0132","reference_id":"RHSA-2022:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0132"},{"reference_url":"https://usn.ubuntu.com/5229-1/","reference_id":"USN-5229-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5229-1/"},{"reference_url":"https://usn.ubuntu.com/5246-1/","reference_id":"USN-5246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5246-1/"},{"reference_url":"https://usn.ubuntu.com/5248-1/","reference_id":"USN-5248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191170?format=json","purl":"pkg:apk/alpine/firefox-esr@91.5.0-r0?arch=armhf&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@91.5.0-r0%3Farch=armhf&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2022-22751"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c7ad-u6ru-ebg5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/11445?format=json","vulnerability_id":"VCID-j39t-285n-xka2","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22747.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22747.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22747","reference_id":"","reference_type":"","scores":[{"value":"0.00335","scoring_system":"epss","scoring_elements":"0.56696","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22747"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2039572","reference_id":"2039572","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2039572"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-01/","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:04:07Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-02/","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:04:07Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-03/","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:04:07Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-03/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0123","reference_id":"RHSA-2022:0123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0124","reference_id":"RHSA-2022:0124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0125","reference_id":"RHSA-2022:0125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0126","reference_id":"RHSA-2022:0126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0127","reference_id":"RHSA-2022:0127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0127"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0128","reference_id":"RHSA-2022:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0129","reference_id":"RHSA-2022:0129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0129"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0130","reference_id":"RHSA-2022:0130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0131","reference_id":"RHSA-2022:0131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0132","reference_id":"RHSA-2022:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0132"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1735028","reference_id":"show_bug.cgi?id=1735028","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:04:07Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1735028"},{"reference_url":"https://usn.ubuntu.com/5229-1/","reference_id":"USN-5229-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5229-1/"},{"reference_url":"https://usn.ubuntu.com/5246-1/","reference_id":"USN-5246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5246-1/"},{"reference_url":"https://usn.ubuntu.com/5248-1/","reference_id":"USN-5248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5248-1/"},{"reference_url":"https://usn.ubuntu.com/5506-1/","reference_id":"USN-5506-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5506-1/"},{"reference_url":"https://usn.ubuntu.com/5872-1/","reference_id":"USN-5872-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5872-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191170?format=json","purl":"pkg:apk/alpine/firefox-esr@91.5.0-r0?arch=armhf&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@91.5.0-r0%3Farch=armhf&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2022-22747"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j39t-285n-xka2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/173627?format=json","vulnerability_id":"VCID-kcj9-7p7z-8be6","summary":"Certain network request objects were freed too early when releasing a network request handle. This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22740.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22740.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22740","reference_id":"","reference_type":"","scores":[{"value":"0.0051","scoring_system":"epss","scoring_elements":"0.66862","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2039565","reference_id":"2039565","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2039565"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-01/","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:31:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-02/","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:31:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-03/","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:31:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-03/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0123","reference_id":"RHSA-2022:0123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0124","reference_id":"RHSA-2022:0124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0125","reference_id":"RHSA-2022:0125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0126","reference_id":"RHSA-2022:0126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0127","reference_id":"RHSA-2022:0127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0127"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0128","reference_id":"RHSA-2022:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0129","reference_id":"RHSA-2022:0129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0129"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0130","reference_id":"RHSA-2022:0130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0131","reference_id":"RHSA-2022:0131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0132","reference_id":"RHSA-2022:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0132"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1742334","reference_id":"show_bug.cgi?id=1742334","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:31:42Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1742334"},{"reference_url":"https://usn.ubuntu.com/5229-1/","reference_id":"USN-5229-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5229-1/"},{"reference_url":"https://usn.ubuntu.com/5246-1/","reference_id":"USN-5246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5246-1/"},{"reference_url":"https://usn.ubuntu.com/5248-1/","reference_id":"USN-5248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191170?format=json","purl":"pkg:apk/alpine/firefox-esr@91.5.0-r0?arch=armhf&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@91.5.0-r0%3Farch=armhf&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2022-22740"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kcj9-7p7z-8be6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/173573?format=json","vulnerability_id":"VCID-tjbx-armm-zbg9","summary":"Constructing audio sinks could have lead to a race condition when playing audio files and closing windows. This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22737.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22737.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22737","reference_id":"","reference_type":"","scores":[{"value":"0.00345","scoring_system":"epss","scoring_elements":"0.57412","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2039567","reference_id":"2039567","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2039567"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-01/","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T15:08:04Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-02/","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T15:08:04Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-03/","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T15:08:04Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-03/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0123","reference_id":"RHSA-2022:0123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0124","reference_id":"RHSA-2022:0124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0125","reference_id":"RHSA-2022:0125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0126","reference_id":"RHSA-2022:0126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0127","reference_id":"RHSA-2022:0127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0127"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0128","reference_id":"RHSA-2022:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0129","reference_id":"RHSA-2022:0129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0129"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0130","reference_id":"RHSA-2022:0130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0131","reference_id":"RHSA-2022:0131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0132","reference_id":"RHSA-2022:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0132"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1745874","reference_id":"show_bug.cgi?id=1745874","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T15:08:04Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1745874"},{"reference_url":"https://usn.ubuntu.com/5229-1/","reference_id":"USN-5229-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5229-1/"},{"reference_url":"https://usn.ubuntu.com/5246-1/","reference_id":"USN-5246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5246-1/"},{"reference_url":"https://usn.ubuntu.com/5248-1/","reference_id":"USN-5248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191170?format=json","purl":"pkg:apk/alpine/firefox-esr@91.5.0-r0?arch=armhf&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@91.5.0-r0%3Farch=armhf&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2022-22737"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tjbx-armm-zbg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/173577?format=json","vulnerability_id":"VCID-v89z-syx1-e3ac","summary":"When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22742.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22742.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22742","reference_id":"","reference_type":"","scores":[{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.5415","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2039563","reference_id":"2039563","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2039563"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-01/","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:28:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-02/","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:28:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-03/","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:28:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-03/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0123","reference_id":"RHSA-2022:0123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0124","reference_id":"RHSA-2022:0124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0125","reference_id":"RHSA-2022:0125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0126","reference_id":"RHSA-2022:0126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0127","reference_id":"RHSA-2022:0127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0127"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0128","reference_id":"RHSA-2022:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0129","reference_id":"RHSA-2022:0129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0129"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0130","reference_id":"RHSA-2022:0130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0131","reference_id":"RHSA-2022:0131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0132","reference_id":"RHSA-2022:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0132"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1739923","reference_id":"show_bug.cgi?id=1739923","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:28:39Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1739923"},{"reference_url":"https://usn.ubuntu.com/5229-1/","reference_id":"USN-5229-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5229-1/"},{"reference_url":"https://usn.ubuntu.com/5246-1/","reference_id":"USN-5246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5246-1/"},{"reference_url":"https://usn.ubuntu.com/5248-1/","reference_id":"USN-5248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191170?format=json","purl":"pkg:apk/alpine/firefox-esr@91.5.0-r0?arch=armhf&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@91.5.0-r0%3Farch=armhf&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2022-22742"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v89z-syx1-e3ac"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/173642?format=json","vulnerability_id":"VCID-wdrh-jbz4-cbgu","summary":"Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22739.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22739.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22739","reference_id":"","reference_type":"","scores":[{"value":"0.00426","scoring_system":"epss","scoring_elements":"0.6272","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2039573","reference_id":"2039573","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2039573"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-01/","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:32:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-02/","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:32:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-03/","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:32:36Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-03/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0123","reference_id":"RHSA-2022:0123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0124","reference_id":"RHSA-2022:0124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0125","reference_id":"RHSA-2022:0125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0126","reference_id":"RHSA-2022:0126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0127","reference_id":"RHSA-2022:0127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0127"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0128","reference_id":"RHSA-2022:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0129","reference_id":"RHSA-2022:0129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0129"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0130","reference_id":"RHSA-2022:0130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0131","reference_id":"RHSA-2022:0131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0132","reference_id":"RHSA-2022:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0132"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1744158","reference_id":"show_bug.cgi?id=1744158","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:32:36Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1744158"},{"reference_url":"https://usn.ubuntu.com/5229-1/","reference_id":"USN-5229-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5229-1/"},{"reference_url":"https://usn.ubuntu.com/5246-1/","reference_id":"USN-5246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5246-1/"},{"reference_url":"https://usn.ubuntu.com/5248-1/","reference_id":"USN-5248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191170?format=json","purl":"pkg:apk/alpine/firefox-esr@91.5.0-r0?arch=armhf&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@91.5.0-r0%3Farch=armhf&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2022-22739"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wdrh-jbz4-cbgu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/173579?format=json","vulnerability_id":"VCID-xhtu-2tvg-qfd6","summary":"Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22738.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22738.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22738","reference_id":"","reference_type":"","scores":[{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63848","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2039566","reference_id":"2039566","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2039566"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-01/","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T15:06:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-02/","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T15:06:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-03/","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T15:06:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-03/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0123","reference_id":"RHSA-2022:0123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0124","reference_id":"RHSA-2022:0124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0125","reference_id":"RHSA-2022:0125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0126","reference_id":"RHSA-2022:0126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0127","reference_id":"RHSA-2022:0127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0127"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0128","reference_id":"RHSA-2022:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0129","reference_id":"RHSA-2022:0129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0129"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0130","reference_id":"RHSA-2022:0130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0131","reference_id":"RHSA-2022:0131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0132","reference_id":"RHSA-2022:0132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0132"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1742382","reference_id":"show_bug.cgi?id=1742382","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T15:06:50Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1742382"},{"reference_url":"https://usn.ubuntu.com/5229-1/","reference_id":"USN-5229-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5229-1/"},{"reference_url":"https://usn.ubuntu.com/5246-1/","reference_id":"USN-5246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5246-1/"},{"reference_url":"https://usn.ubuntu.com/5248-1/","reference_id":"USN-5248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/191170?format=json","purl":"pkg:apk/alpine/firefox-esr@91.5.0-r0?arch=armhf&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@91.5.0-r0%3Farch=armhf&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2022-22738"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xhtu-2tvg-qfd6"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@91.5.0-r0%3Farch=armhf&distroversion=v3.23&reponame=community"}