Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/192515?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "type": "ebuild", "namespace": "www-client", "name": "firefox", "version": "103.0", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "104", "latest_non_vulnerable_version": "137.0.1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1723?format=api", "vulnerability_id": "VCID-1nmu-sdab-2yhh", "summary": "If an object prototype was corrupted by an attacker, they would have been able to set undesired attributes on a JavaScript object, leading to privileged code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2200.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2200.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2200", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06199", "scoring_system": "epss", "scoring_elements": "0.91036", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.06199", "scoring_system": "epss", "scoring_elements": "0.91022", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102168", "reference_id": "2102168", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102168" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-24/", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:02:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-24/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-25/", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:02:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-25/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-26/", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:02:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-26/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5469", "reference_id": "RHSA-2022:5469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5470", "reference_id": "RHSA-2022:5470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5472", "reference_id": "RHSA-2022:5472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5473", "reference_id": "RHSA-2022:5473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5474", "reference_id": "RHSA-2022:5474", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5474" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5475", "reference_id": "RHSA-2022:5475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5477", "reference_id": "RHSA-2022:5477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5478", "reference_id": "RHSA-2022:5478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5479", "reference_id": "RHSA-2022:5479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5480", "reference_id": "RHSA-2022:5480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5481", "reference_id": "RHSA-2022:5481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5482", "reference_id": "RHSA-2022:5482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5482" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1771381", "reference_id": "show_bug.cgi?id=1771381", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:02:52Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1771381" }, { "reference_url": "https://usn.ubuntu.com/5504-1/", "reference_id": "USN-5504-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5504-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-2200" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1nmu-sdab-2yhh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1855?format=api", "vulnerability_id": "VCID-25bh-n5g8-w7fz", "summary": "An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype pollution and ultimately attacker-controlled JavaScript executing in the privileged parent process.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1529.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1529.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1529", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04295", "scoring_system": "epss", "scoring_elements": "0.89069", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.04295", "scoring_system": "epss", "scoring_elements": "0.89052", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089218", "reference_id": "2089218", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089218" }, { "reference_url": "https://security.archlinux.org/AVG-2728", "reference_id": "AVG-2728", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2728" }, { "reference_url": "https://security.archlinux.org/AVG-2729", "reference_id": "AVG-2729", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2729" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-19", "reference_id": "mfsa2022-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-19" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-19/", "reference_id": "mfsa2022-19", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T15:19:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-19/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4729", "reference_id": "RHSA-2022:4729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4730", "reference_id": "RHSA-2022:4730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4765", "reference_id": "RHSA-2022:4765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4766", "reference_id": "RHSA-2022:4766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4767", "reference_id": "RHSA-2022:4767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4768", "reference_id": "RHSA-2022:4768", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4768" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4769", "reference_id": "RHSA-2022:4769", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4769" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4770", "reference_id": "RHSA-2022:4770", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4770" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4772", "reference_id": "RHSA-2022:4772", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4772" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4773", "reference_id": "RHSA-2022:4773", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4773" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4774", "reference_id": "RHSA-2022:4774", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4774" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4776", "reference_id": "RHSA-2022:4776", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4776" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1770048", "reference_id": "show_bug.cgi?id=1770048", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T15:19:19Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1770048" }, { "reference_url": "https://usn.ubuntu.com/5434-1/", "reference_id": "USN-5434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5434-1/" }, { "reference_url": "https://usn.ubuntu.com/5435-1/", "reference_id": "USN-5435-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5435-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-1529" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-25bh-n5g8-w7fz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1808?format=api", "vulnerability_id": "VCID-2vbu-m5sv-kkbb", "summary": "The MediaError message property should be consistent to avoid leaking information about cross-origin resources; however for a same-site cross-origin resource, the message could have leaked information enabling XS-Leaks attacks.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34477", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00257", "scoring_system": "epss", "scoring_elements": "0.49319", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00257", "scoring_system": "epss", "scoring_elements": "0.49258", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34477" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-24/", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:15:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-24/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1731614", "reference_id": "show_bug.cgi?id=1731614", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:15:38Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1731614" }, { "reference_url": "https://usn.ubuntu.com/5504-1/", "reference_id": "USN-5504-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5504-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-34477" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2vbu-m5sv-kkbb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1710?format=api", "vulnerability_id": "VCID-38br-a5x4-ska5", "summary": "Firefox behaved slightly differently for already known resources when loading CSS resources involving CSS variables. This could have been used to probe the browser history.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29916.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29916.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-29916", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00244", "scoring_system": "epss", "scoring_elements": "0.4796", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00244", "scoring_system": "epss", "scoring_elements": "0.47897", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-29916" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081470", "reference_id": "2081470", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081470" }, { "reference_url": "https://security.archlinux.org/AVG-2709", "reference_id": "AVG-2709", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2709" }, { "reference_url": "https://security.archlinux.org/AVG-2710", "reference_id": "AVG-2710", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2710" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-16", "reference_id": "mfsa2022-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-16/", "reference_id": "mfsa2022-16", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:07:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-17", "reference_id": "mfsa2022-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-17/", "reference_id": "mfsa2022-17", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:07:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-17/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-18", "reference_id": "mfsa2022-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-18/", "reference_id": "mfsa2022-18", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:07:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-18/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1701", "reference_id": "RHSA-2022:1701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1701" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1702", "reference_id": "RHSA-2022:1702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1703", "reference_id": "RHSA-2022:1703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1704", "reference_id": "RHSA-2022:1704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1705", "reference_id": "RHSA-2022:1705", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1705" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1724", "reference_id": "RHSA-2022:1724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1725", "reference_id": "RHSA-2022:1725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1726", "reference_id": "RHSA-2022:1726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1727", "reference_id": "RHSA-2022:1727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1730", "reference_id": "RHSA-2022:1730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4589", "reference_id": "RHSA-2022:4589", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4589" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4590", "reference_id": "RHSA-2022:4590", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4590" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1760674", "reference_id": "show_bug.cgi?id=1760674", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:07:07Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1760674" }, { "reference_url": "https://usn.ubuntu.com/5411-1/", "reference_id": "USN-5411-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5411-1/" }, { "reference_url": "https://usn.ubuntu.com/5435-1/", "reference_id": "USN-5435-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5435-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-29916" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-38br-a5x4-ska5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1811?format=api", "vulnerability_id": "VCID-3d8k-ah6f-nyft", "summary": "Mozilla developers Bryce Seager van Dyk and the Mozilla Fuzzing Team reported potential vulnerabilities present in Firefox 101. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34485", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00607", "scoring_system": "epss", "scoring_elements": "0.70098", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00607", "scoring_system": "epss", "scoring_elements": "0.70057", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34485" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1768409%2C1768578", "reference_id": "buglist.cgi?bug_id=1768409%2C1768578", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:34:32Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1768409%2C1768578" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-24/", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:34:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-24/" }, { "reference_url": "https://usn.ubuntu.com/5504-1/", "reference_id": "USN-5504-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5504-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-34485" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3d8k-ah6f-nyft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1766?format=api", "vulnerability_id": "VCID-3qt5-w1we-67hp", "summary": "When generating the assembly code for MLoadTypedArrayElementHole, an incorrect AliasSet was used. In conjunction with another vulnerability this could have been used for an out of bounds memory read.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28285.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28285.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-28285", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47236", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.4717", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-28285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072563", "reference_id": "2072563", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072563" }, { "reference_url": "https://security.archlinux.org/AVG-2711", "reference_id": "AVG-2711", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2711" }, { "reference_url": "https://security.archlinux.org/AVG-2712", "reference_id": "AVG-2712", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2712" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-13", "reference_id": "mfsa2022-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-13/", "reference_id": "mfsa2022-13", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:03:24Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-14", "reference_id": "mfsa2022-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-14/", "reference_id": "mfsa2022-14", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:03:24Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-15", "reference_id": "mfsa2022-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-15/", "reference_id": "mfsa2022-15", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:03:24Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-15/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1283", "reference_id": "RHSA-2022:1283", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1283" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1284", "reference_id": "RHSA-2022:1284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1285", "reference_id": "RHSA-2022:1285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1286", "reference_id": "RHSA-2022:1286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1287", "reference_id": "RHSA-2022:1287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1301", "reference_id": "RHSA-2022:1301", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1301" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1302", "reference_id": "RHSA-2022:1302", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1302" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1303", "reference_id": "RHSA-2022:1303", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1303" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1305", "reference_id": "RHSA-2022:1305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1326", "reference_id": "RHSA-2022:1326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1326" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1756957", "reference_id": "show_bug.cgi?id=1756957", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:03:24Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1756957" }, { "reference_url": "https://usn.ubuntu.com/5370-1/", "reference_id": "USN-5370-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5370-1/" }, { "reference_url": "https://usn.ubuntu.com/5393-1/", "reference_id": "USN-5393-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5393-1/" }, { "reference_url": "https://usn.ubuntu.com/5494-1/", "reference_id": "USN-5494-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5494-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-28285" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3qt5-w1we-67hp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1773?format=api", "vulnerability_id": "VCID-3vss-46pp-p7c8", "summary": "Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2505.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2505.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2505", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49575", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49513", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2505" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2111910", "reference_id": "2111910", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2111910" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1769739%2C1772824", "reference_id": "buglist.cgi?bug_id=1769739%2C1772824", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T14:58:50Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1769739%2C1772824" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-28", "reference_id": "mfsa2022-28", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-28" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-28/", "reference_id": "mfsa2022-28", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T14:58:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-28/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-30", "reference_id": "mfsa2022-30", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-30/", "reference_id": "mfsa2022-30", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T14:58:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-32", "reference_id": "mfsa2022-32", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-32/", "reference_id": "mfsa2022-32", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T14:58:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-32/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5765", "reference_id": "RHSA-2022:5765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5766", "reference_id": "RHSA-2022:5766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5767", "reference_id": "RHSA-2022:5767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5769", "reference_id": "RHSA-2022:5769", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5769" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5770", "reference_id": "RHSA-2022:5770", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5770" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5771", "reference_id": "RHSA-2022:5771", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5771" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5772", "reference_id": "RHSA-2022:5772", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5772" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5773", "reference_id": "RHSA-2022:5773", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5773" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5774", "reference_id": "RHSA-2022:5774", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5774" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5776", "reference_id": "RHSA-2022:5776", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5776" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5777", "reference_id": "RHSA-2022:5777", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5777" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5778", "reference_id": "RHSA-2022:5778", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5778" }, { "reference_url": "https://usn.ubuntu.com/5536-1/", "reference_id": "USN-5536-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5536-1/" }, { "reference_url": "https://usn.ubuntu.com/5663-1/", "reference_id": "USN-5663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-2505" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3vss-46pp-p7c8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1721?format=api", "vulnerability_id": "VCID-3xnh-sesb-bfbv", "summary": "If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34472.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34472.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34472", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.6429", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.64246", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102166", "reference_id": "2102166", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102166" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-24/", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T19:41:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-24/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-25/", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T19:41:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-25/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-26/", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T19:41:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-26/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5469", "reference_id": "RHSA-2022:5469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5470", "reference_id": "RHSA-2022:5470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5472", "reference_id": "RHSA-2022:5472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5473", "reference_id": "RHSA-2022:5473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5474", "reference_id": "RHSA-2022:5474", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5474" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5475", "reference_id": "RHSA-2022:5475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5477", "reference_id": "RHSA-2022:5477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5478", "reference_id": "RHSA-2022:5478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5479", "reference_id": "RHSA-2022:5479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5480", "reference_id": "RHSA-2022:5480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5481", "reference_id": "RHSA-2022:5481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5482", "reference_id": "RHSA-2022:5482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5482" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1770123", "reference_id": "show_bug.cgi?id=1770123", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T19:41:27Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1770123" }, { "reference_url": "https://usn.ubuntu.com/5504-1/", "reference_id": "USN-5504-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5504-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-34472" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3xnh-sesb-bfbv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1707?format=api", "vulnerability_id": "VCID-4dx9-1499-gqcz", "summary": "Previously Thunderbird for macOS and Linux would download temporary files to a user-specific directory in /tmp, but this behavior was changed to download them to /tmp where they could be affected by other local users. This behavior was reverted to the original, user-specific directory. *This bug only affects Thunderbird for macOS and Linux. Other operating systems are unaffected.*", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26386.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26386.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26386", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58644", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58691", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26386" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2062224", "reference_id": "2062224", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2062224" }, { "reference_url": "https://security.archlinux.org/AVG-2713", "reference_id": "AVG-2713", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2713" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-11", "reference_id": "mfsa2022-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-11/", "reference_id": "mfsa2022-11", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T20:11:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-11/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-12", "reference_id": "mfsa2022-12", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-12" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-12/", "reference_id": "mfsa2022-12", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T20:11:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-12/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0815", "reference_id": "RHSA-2022:0815", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0816", "reference_id": "RHSA-2022:0816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0817", "reference_id": "RHSA-2022:0817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0818", "reference_id": "RHSA-2022:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0824", "reference_id": "RHSA-2022:0824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0843", "reference_id": "RHSA-2022:0843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0845", "reference_id": "RHSA-2022:0845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0847", "reference_id": "RHSA-2022:0847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0850", "reference_id": "RHSA-2022:0850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0850" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0853", "reference_id": "RHSA-2022:0853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0853" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1752396", "reference_id": "show_bug.cgi?id=1752396", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T20:11:42Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1752396" }, { "reference_url": "https://usn.ubuntu.com/5345-1/", "reference_id": "USN-5345-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5345-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-26386" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4dx9-1499-gqcz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1801?format=api", "vulnerability_id": "VCID-4kd4-g5ht-sygp", "summary": "An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from CVE-2022-34483.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34482", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.65465", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.65414", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34482" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-24/", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T17:51:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-24/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=845880", "reference_id": "show_bug.cgi?id=845880", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T17:51:21Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=845880" }, { "reference_url": "https://usn.ubuntu.com/5504-1/", "reference_id": "USN-5504-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5504-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-34482" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4kd4-g5ht-sygp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1711?format=api", "vulnerability_id": "VCID-4xhj-hee5-9qes", "summary": "An improper implementation of the new iframe sandbox keyword allow-top-navigation-by-user-activation could lead to script execution without allow-scripts being present.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29911.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29911.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-29911", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.55105", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.55046", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-29911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081471", "reference_id": "2081471", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081471" }, { "reference_url": "https://security.archlinux.org/AVG-2709", "reference_id": "AVG-2709", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2709" }, { "reference_url": "https://security.archlinux.org/AVG-2710", "reference_id": "AVG-2710", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2710" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-16", "reference_id": "mfsa2022-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-16/", "reference_id": "mfsa2022-16", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T13:58:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-17", "reference_id": "mfsa2022-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-17/", "reference_id": "mfsa2022-17", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T13:58:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-17/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-18", "reference_id": "mfsa2022-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-18/", "reference_id": "mfsa2022-18", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T13:58:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-18/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1701", "reference_id": "RHSA-2022:1701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1701" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1702", "reference_id": "RHSA-2022:1702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1703", "reference_id": "RHSA-2022:1703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1704", "reference_id": "RHSA-2022:1704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1705", "reference_id": "RHSA-2022:1705", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1705" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1724", "reference_id": "RHSA-2022:1724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1725", "reference_id": "RHSA-2022:1725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1726", "reference_id": "RHSA-2022:1726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1727", "reference_id": "RHSA-2022:1727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1730", "reference_id": "RHSA-2022:1730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4589", "reference_id": "RHSA-2022:4589", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4589" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4590", "reference_id": "RHSA-2022:4590", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4590" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1761981", "reference_id": "show_bug.cgi?id=1761981", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T13:58:31Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1761981" }, { "reference_url": "https://usn.ubuntu.com/5411-1/", "reference_id": "USN-5411-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5411-1/" }, { "reference_url": "https://usn.ubuntu.com/5435-1/", "reference_id": "USN-5435-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5435-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-29911" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4xhj-hee5-9qes" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1717?format=api", "vulnerability_id": "VCID-6yc1-jutk-1fcz", "summary": "Session history navigations may have led to a use-after-free and potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34470.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34470.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34470", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.71118", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.71076", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102162", "reference_id": "2102162", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102162" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-24/", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:51:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-24/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-25/", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:51:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-25/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-26/", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:51:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-26/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5469", "reference_id": "RHSA-2022:5469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5470", "reference_id": "RHSA-2022:5470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5472", "reference_id": "RHSA-2022:5472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5473", "reference_id": "RHSA-2022:5473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5474", "reference_id": "RHSA-2022:5474", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5474" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5475", "reference_id": "RHSA-2022:5475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5477", "reference_id": "RHSA-2022:5477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5478", "reference_id": "RHSA-2022:5478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5479", "reference_id": "RHSA-2022:5479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5480", "reference_id": "RHSA-2022:5480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5481", "reference_id": "RHSA-2022:5481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5482", "reference_id": "RHSA-2022:5482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5482" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1765951", "reference_id": "show_bug.cgi?id=1765951", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:51:07Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1765951" }, { "reference_url": "https://usn.ubuntu.com/5504-1/", "reference_id": "USN-5504-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5504-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-34470" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6yc1-jutk-1fcz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1786?format=api", "vulnerability_id": "VCID-7juy-9d9m-q3ak", "summary": "Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100 and Firefox ESR 91.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31747.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31747.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31747", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00657", "scoring_system": "epss", "scoring_elements": "0.71463", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00657", "scoring_system": "epss", "scoring_elements": "0.71419", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31747" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092026", "reference_id": "2092026", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092026" }, { "reference_url": "https://security.archlinux.org/AVG-2760", "reference_id": "AVG-2760", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2760" }, { "reference_url": "https://security.archlinux.org/AVG-2761", "reference_id": "AVG-2761", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2761" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1760765%2C1765610%2C1766283%2C1767365%2C1768559%2C1768734", "reference_id": "buglist.cgi?bug_id=1760765%2C1765610%2C1766283%2C1767365%2C1768559%2C1768734", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T18:22:36Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1760765%2C1765610%2C1766283%2C1767365%2C1768559%2C1768734" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-20/", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T18:22:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-21/", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T18:22:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-22/", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T18:22:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-22/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4870", "reference_id": "RHSA-2022:4870", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4870" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4871", "reference_id": "RHSA-2022:4871", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4871" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4872", "reference_id": "RHSA-2022:4872", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4872" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4873", "reference_id": "RHSA-2022:4873", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4875", "reference_id": "RHSA-2022:4875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4876", "reference_id": "RHSA-2022:4876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4887", "reference_id": "RHSA-2022:4887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4888", "reference_id": "RHSA-2022:4888", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4888" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4889", "reference_id": "RHSA-2022:4889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4890", "reference_id": "RHSA-2022:4890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4891", "reference_id": "RHSA-2022:4891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4892", "reference_id": "RHSA-2022:4892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4892" }, { "reference_url": "https://usn.ubuntu.com/5475-1/", "reference_id": "USN-5475-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5475-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-31747" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7juy-9d9m-q3ak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1862?format=api", "vulnerability_id": "VCID-84eg-x618-8fh1", "summary": "Mozilla developers Kershaw Chang, Ryan VanderMeulen, and Randell Jesup reported memory safety bugs present in Firefox 97. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0843", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00328", "scoring_system": "epss", "scoring_elements": "0.56067", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00328", "scoring_system": "epss", "scoring_elements": "0.56122", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0843" }, { "reference_url": "https://security.archlinux.org/AVG-2714", "reference_id": "AVG-2714", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2714" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1746523%2C1749062%2C1749164%2C1749214%2C1749610%2C1750032%2C1752100%2C1752405%2C1753612%2C1754508", "reference_id": "buglist.cgi?bug_id=1746523%2C1749062%2C1749164%2C1749214%2C1749610%2C1750032%2C1752100%2C1752405%2C1753612%2C1754508", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T15:31:24Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1746523%2C1749062%2C1749164%2C1749214%2C1749610%2C1750032%2C1752100%2C1752405%2C1753612%2C1754508" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-10", "reference_id": "mfsa2022-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-10/", "reference_id": "mfsa2022-10", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T15:31:24Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-10/" }, { "reference_url": "https://usn.ubuntu.com/5321-1/", "reference_id": "USN-5321-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5321-1/" }, { "reference_url": "https://usn.ubuntu.com/5321-2/", "reference_id": "USN-5321-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5321-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-0843" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-84eg-x618-8fh1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1797?format=api", "vulnerability_id": "VCID-8mx3-68nj-wkhc", "summary": "Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26485.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26485.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26485", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02853", "scoring_system": "epss", "scoring_elements": "0.86503", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02853", "scoring_system": "epss", "scoring_elements": "0.86526", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26485" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26485", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26485" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26486", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26486" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061736", "reference_id": "2061736", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061736" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-09", "reference_id": "mfsa2022-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-09/", "reference_id": "mfsa2022-09", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-28T21:32:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-09/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0815", "reference_id": "RHSA-2022:0815", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0816", "reference_id": "RHSA-2022:0816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0817", "reference_id": "RHSA-2022:0817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0818", "reference_id": "RHSA-2022:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0824", "reference_id": "RHSA-2022:0824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0843", "reference_id": "RHSA-2022:0843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0845", "reference_id": "RHSA-2022:0845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0847", "reference_id": "RHSA-2022:0847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0850", "reference_id": "RHSA-2022:0850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0850" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0853", "reference_id": "RHSA-2022:0853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0853" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1758062", "reference_id": "show_bug.cgi?id=1758062", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-28T21:32:55Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1758062" }, { "reference_url": "https://usn.ubuntu.com/5314-1/", "reference_id": "USN-5314-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5314-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-26485" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8mx3-68nj-wkhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1825?format=api", "vulnerability_id": "VCID-8mym-k9vn-kkcz", "summary": "In unusual circumstances, selecting text could cause text selection caching to behave incorrectly, leading to a crash.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-28287", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46585", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46651", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-28287" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/AVG-2711", "reference_id": "AVG-2711", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2711" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-13", "reference_id": "mfsa2022-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-13/", "reference_id": "mfsa2022-13", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:01:25Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-13/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1741515", "reference_id": "show_bug.cgi?id=1741515", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:01:25Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1741515" }, { "reference_url": "https://usn.ubuntu.com/5370-1/", "reference_id": "USN-5370-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5370-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-28287" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8mym-k9vn-kkcz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1784?format=api", "vulnerability_id": "VCID-8pg7-szzq-mqc6", "summary": "A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31741.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31741.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31741", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54498", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54441", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092024", "reference_id": "2092024", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092024" }, { "reference_url": "https://security.archlinux.org/AVG-2760", "reference_id": "AVG-2760", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2760" }, { "reference_url": "https://security.archlinux.org/AVG-2761", "reference_id": "AVG-2761", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2761" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-20/", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:58:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-21/", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:58:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-22/", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:58:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-22/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4870", "reference_id": "RHSA-2022:4870", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4870" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4871", "reference_id": "RHSA-2022:4871", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4871" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4872", "reference_id": "RHSA-2022:4872", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4872" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4873", "reference_id": "RHSA-2022:4873", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4875", "reference_id": "RHSA-2022:4875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4876", "reference_id": "RHSA-2022:4876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4887", "reference_id": "RHSA-2022:4887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4888", "reference_id": "RHSA-2022:4888", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4888" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4889", "reference_id": "RHSA-2022:4889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4890", "reference_id": "RHSA-2022:4890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4891", "reference_id": "RHSA-2022:4891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4892", "reference_id": "RHSA-2022:4892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4892" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1767590", "reference_id": "show_bug.cgi?id=1767590", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:58:38Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1767590" }, { "reference_url": "https://usn.ubuntu.com/5475-1/", "reference_id": "USN-5475-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5475-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-31741" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8pg7-szzq-mqc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1764?format=api", "vulnerability_id": "VCID-8sqq-nnpq-pkc2", "summary": "After a VR Process is destroyed, a reference to it may have been retained and used, leading to a use-after-free and potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1196.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1196.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1196", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66718", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66678", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1196" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072561", "reference_id": "2072561", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072561" }, { "reference_url": "https://security.archlinux.org/AVG-2712", "reference_id": "AVG-2712", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2712" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-14", "reference_id": "mfsa2022-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-14/", "reference_id": "mfsa2022-14", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:27:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-15", "reference_id": "mfsa2022-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-15/", "reference_id": "mfsa2022-15", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:27:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-15/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1283", "reference_id": "RHSA-2022:1283", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1283" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1284", "reference_id": "RHSA-2022:1284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1285", "reference_id": "RHSA-2022:1285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1286", "reference_id": "RHSA-2022:1286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1287", "reference_id": "RHSA-2022:1287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1301", "reference_id": "RHSA-2022:1301", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1301" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1302", "reference_id": "RHSA-2022:1302", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1302" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1303", "reference_id": "RHSA-2022:1303", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1303" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1305", "reference_id": "RHSA-2022:1305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1326", "reference_id": "RHSA-2022:1326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1326" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1750679", "reference_id": "show_bug.cgi?id=1750679", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:27:49Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1750679" }, { "reference_url": "https://usn.ubuntu.com/5393-1/", "reference_id": "USN-5393-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5393-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-1196" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8sqq-nnpq-pkc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1724?format=api", "vulnerability_id": "VCID-8th2-q8wd-tyec", "summary": "The Mozilla Fuzzing Team reported potential vulnerabilities present in Firefox 101 and Firefox ESR 91.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34484.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34484.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34484", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0028", "scoring_system": "epss", "scoring_elements": "0.51638", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0028", "scoring_system": "epss", "scoring_elements": "0.51578", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34484" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102169", "reference_id": "2102169", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102169" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1763634%2C1772651", "reference_id": "buglist.cgi?bug_id=1763634%2C1772651", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T17:42:21Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1763634%2C1772651" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-24/", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T17:42:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-24/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-25/", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T17:42:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-25/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-26/", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T17:42:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-26/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5469", "reference_id": "RHSA-2022:5469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5470", "reference_id": "RHSA-2022:5470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5472", "reference_id": "RHSA-2022:5472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5473", "reference_id": "RHSA-2022:5473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5474", "reference_id": "RHSA-2022:5474", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5474" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5475", "reference_id": "RHSA-2022:5475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5477", "reference_id": "RHSA-2022:5477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5478", "reference_id": "RHSA-2022:5478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5479", "reference_id": "RHSA-2022:5479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5480", "reference_id": "RHSA-2022:5480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5481", "reference_id": "RHSA-2022:5481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5482", "reference_id": "RHSA-2022:5482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5482" }, { "reference_url": "https://usn.ubuntu.com/5504-1/", "reference_id": "USN-5504-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5504-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-34484" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8th2-q8wd-tyec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1824?format=api", "vulnerability_id": "VCID-agj1-b2vv-y7ej", "summary": "SVG's <use> element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko's implementation was aligned with theirs.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-28284", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00328", "scoring_system": "epss", "scoring_elements": "0.56067", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00328", "scoring_system": "epss", "scoring_elements": "0.56122", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-28284" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/AVG-2711", "reference_id": "AVG-2711", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2711" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-13", "reference_id": "mfsa2022-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-13/", "reference_id": "mfsa2022-13", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:05:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-13/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1754522", "reference_id": "show_bug.cgi?id=1754522", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:05:50Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1754522" }, { "reference_url": "https://usn.ubuntu.com/5370-1/", "reference_id": "USN-5370-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5370-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-28284" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-agj1-b2vv-y7ej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1794?format=api", "vulnerability_id": "VCID-amgp-4ct1-qff7", "summary": "When closed or sent to the background, Firefox for Android would not properly record and persist HSTS settings.*Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-29910", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35824", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35728", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-29910" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-16", "reference_id": "mfsa2022-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-16/", "reference_id": "mfsa2022-16", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T13:45:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-16/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1757138", "reference_id": "show_bug.cgi?id=1757138", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T13:45:34Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1757138" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-29910" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-amgp-4ct1-qff7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1810?format=api", "vulnerability_id": "VCID-b4s7-kmmt-g7gv", "summary": "The HTML Sanitizer should have sanitized the href attribute of SVG <use> tags; however it incorrectly did not sanitize xlink:href attributes.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34473", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63511", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63468", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34473" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-24/", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T19:32:28Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-24/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1770888", "reference_id": "show_bug.cgi?id=1770888", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T19:32:28Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1770888" }, { "reference_url": "https://usn.ubuntu.com/5504-1/", "reference_id": "USN-5504-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5504-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-34473" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b4s7-kmmt-g7gv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1805?format=api", "vulnerability_id": "VCID-bmn9-9sbm-uygc", "summary": "When a TLS Certificate error occurs on a domain protected by the HSTS header, the browser should not allow the user to bypass the certificate error. On Firefox for Android, the user was presented with the option to bypass the error; this could only have been done by the user explicitly. *This bug only affects Firefox for Android. Other operating systems are unaffected.*", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34469", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36167", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36073", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34469" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-24/", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:18:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-24/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1721220", "reference_id": "show_bug.cgi?id=1721220", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:18:21Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1721220" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-34469" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bmn9-9sbm-uygc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1762?format=api", "vulnerability_id": "VCID-bv8a-p6r5-17cz", "summary": "If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of bounds write would have occurred leading to memory corruption and a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28281.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28281.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-28281", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.15741", "scoring_system": "epss", "scoring_elements": "0.94853", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.15741", "scoring_system": "epss", "scoring_elements": "0.94844", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-28281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072560", "reference_id": "2072560", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072560" }, { "reference_url": "https://security.archlinux.org/AVG-2711", "reference_id": "AVG-2711", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2711" }, { "reference_url": "https://security.archlinux.org/AVG-2712", "reference_id": "AVG-2712", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2712" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-13", "reference_id": "mfsa2022-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-13/", "reference_id": "mfsa2022-13", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T20:09:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-14", "reference_id": "mfsa2022-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-14/", "reference_id": "mfsa2022-14", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T20:09:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-15", "reference_id": "mfsa2022-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-15/", "reference_id": "mfsa2022-15", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T20:09:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-15/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1283", "reference_id": "RHSA-2022:1283", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1283" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1284", "reference_id": "RHSA-2022:1284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1285", "reference_id": "RHSA-2022:1285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1286", "reference_id": "RHSA-2022:1286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1287", "reference_id": "RHSA-2022:1287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1301", "reference_id": "RHSA-2022:1301", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1301" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1302", "reference_id": "RHSA-2022:1302", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1302" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1303", "reference_id": "RHSA-2022:1303", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1303" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1305", "reference_id": "RHSA-2022:1305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1326", "reference_id": "RHSA-2022:1326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1326" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1755621", "reference_id": "show_bug.cgi?id=1755621", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T20:09:48Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1755621" }, { "reference_url": "https://usn.ubuntu.com/5370-1/", "reference_id": "USN-5370-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5370-1/" }, { "reference_url": "https://usn.ubuntu.com/5393-1/", "reference_id": "USN-5393-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5393-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-28281" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bv8a-p6r5-17cz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1785?format=api", "vulnerability_id": "VCID-bvhn-6mnr-vyas", "summary": "An attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have led to cross-origin account linking in violation of WebAuthn goals.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31742.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31742.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31742", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58309", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58261", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092025", "reference_id": "2092025", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092025" }, { "reference_url": "https://security.archlinux.org/AVG-2760", "reference_id": "AVG-2760", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2760" }, { "reference_url": "https://security.archlinux.org/AVG-2761", "reference_id": "AVG-2761", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2761" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-20/", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:36:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-21/", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:36:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-22/", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:36:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-22/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4870", "reference_id": "RHSA-2022:4870", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4870" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4871", "reference_id": "RHSA-2022:4871", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4871" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4872", "reference_id": "RHSA-2022:4872", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4872" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4873", "reference_id": "RHSA-2022:4873", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4875", "reference_id": "RHSA-2022:4875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4876", "reference_id": "RHSA-2022:4876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4887", "reference_id": "RHSA-2022:4887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4888", "reference_id": "RHSA-2022:4888", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4888" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4889", "reference_id": "RHSA-2022:4889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4890", "reference_id": "RHSA-2022:4890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4891", "reference_id": "RHSA-2022:4891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4892", "reference_id": "RHSA-2022:4892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4892" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1730434", "reference_id": "show_bug.cgi?id=1730434", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:36:32Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1730434" }, { "reference_url": "https://usn.ubuntu.com/5475-1/", "reference_id": "USN-5475-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5475-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-31742" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bvhn-6mnr-vyas" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1715?format=api", "vulnerability_id": "VCID-cbtq-agxw-57f7", "summary": "When visiting directory listings for `chrome://` URLs as source text, some parameters were reflected.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36318.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36318.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-36318", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43187", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43113", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-36318" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36318", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36318" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36319", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36319" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2111908", "reference_id": "2111908", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2111908" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-28", "reference_id": "mfsa2022-28", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-28" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-28/", "reference_id": "mfsa2022-28", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T17:05:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-28/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-29", "reference_id": "mfsa2022-29", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-29/", "reference_id": "mfsa2022-29", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T17:05:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-30", "reference_id": "mfsa2022-30", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-30/", "reference_id": "mfsa2022-30", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T17:05:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-31", "reference_id": "mfsa2022-31", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-31" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-31/", "reference_id": "mfsa2022-31", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T17:05:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-31/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-32", "reference_id": "mfsa2022-32", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-32/", "reference_id": "mfsa2022-32", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T17:05:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-32/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5765", "reference_id": "RHSA-2022:5765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5766", "reference_id": "RHSA-2022:5766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5767", "reference_id": "RHSA-2022:5767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5769", "reference_id": "RHSA-2022:5769", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5769" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5770", "reference_id": "RHSA-2022:5770", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5770" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5771", "reference_id": "RHSA-2022:5771", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5771" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5772", "reference_id": "RHSA-2022:5772", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5772" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5773", "reference_id": "RHSA-2022:5773", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5773" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5774", "reference_id": "RHSA-2022:5774", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5774" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5776", "reference_id": "RHSA-2022:5776", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5776" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5777", "reference_id": "RHSA-2022:5777", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5777" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5778", "reference_id": "RHSA-2022:5778", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5778" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1771774", "reference_id": "show_bug.cgi?id=1771774", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T17:05:19Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1771774" }, { "reference_url": "https://usn.ubuntu.com/5536-1/", "reference_id": "USN-5536-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5536-1/" }, { "reference_url": "https://usn.ubuntu.com/5663-1/", "reference_id": "USN-5663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-36318" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cbtq-agxw-57f7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1719?format=api", "vulnerability_id": "VCID-ceu2-6hth-pqhp", "summary": "In the nsTArray_Impl::ReplaceElementsAt() function, an integer overflow could have occurred when the number of elements to replace was too large for the container.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34481.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34481.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34481", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43748", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43678", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102164", "reference_id": "2102164", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102164" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-24/", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:53:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-24/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-25/", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:53:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-25/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-26/", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:53:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-26/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5469", "reference_id": "RHSA-2022:5469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5470", "reference_id": "RHSA-2022:5470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5472", "reference_id": "RHSA-2022:5472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5473", "reference_id": "RHSA-2022:5473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5474", "reference_id": "RHSA-2022:5474", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5474" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5475", "reference_id": "RHSA-2022:5475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5477", "reference_id": "RHSA-2022:5477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5478", "reference_id": "RHSA-2022:5478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5479", "reference_id": "RHSA-2022:5479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5480", "reference_id": "RHSA-2022:5480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5481", "reference_id": "RHSA-2022:5481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5482", "reference_id": "RHSA-2022:5482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5482" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1497246", "reference_id": "show_bug.cgi?id=1497246", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:53:12Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1497246" }, { "reference_url": "https://usn.ubuntu.com/5504-1/", "reference_id": "USN-5504-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5504-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-34481" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ceu2-6hth-pqhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1780?format=api", "vulnerability_id": "VCID-cz8b-p2t3-ebgy", "summary": "A malicious webpage could have caused an out-of-bounds write in WebGL, leading to memory corruption and a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31737.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31737.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31737", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00394", "scoring_system": "epss", "scoring_elements": "0.60646", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00394", "scoring_system": "epss", "scoring_elements": "0.60598", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092019", "reference_id": "2092019", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092019" }, { "reference_url": "https://security.archlinux.org/AVG-2760", "reference_id": "AVG-2760", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2760" }, { "reference_url": "https://security.archlinux.org/AVG-2761", "reference_id": "AVG-2761", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2761" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-20/", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-16T13:56:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-21/", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-16T13:56:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-22/", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-16T13:56:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-22/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4870", "reference_id": "RHSA-2022:4870", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4870" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4871", "reference_id": "RHSA-2022:4871", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4871" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4872", "reference_id": "RHSA-2022:4872", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4872" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4873", "reference_id": "RHSA-2022:4873", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4875", "reference_id": "RHSA-2022:4875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4876", "reference_id": "RHSA-2022:4876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4887", "reference_id": "RHSA-2022:4887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4888", "reference_id": "RHSA-2022:4888", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4888" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4889", "reference_id": "RHSA-2022:4889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4890", "reference_id": "RHSA-2022:4890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4891", "reference_id": "RHSA-2022:4891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4892", "reference_id": "RHSA-2022:4892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4892" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1743767", "reference_id": "show_bug.cgi?id=1743767", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-16T13:56:21Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1743767" }, { "reference_url": "https://usn.ubuntu.com/5475-1/", "reference_id": "USN-5475-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5475-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-31737" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cz8b-p2t3-ebgy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1720?format=api", "vulnerability_id": "VCID-dgm8-wwst-kbe2", "summary": "An attacker could have injected CSS into stylesheets accessible via internal URIs, such as resource:, and in doing so bypass a page's Content Security Policy.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31744.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31744.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31744", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20473", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20546", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102165", "reference_id": "2102165", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102165" }, { "reference_url": "https://security.archlinux.org/AVG-2760", "reference_id": "AVG-2760", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2760" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-20/", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:28:40Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-25/", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:28:40Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-25/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-26/", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:28:40Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-26/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5469", "reference_id": "RHSA-2022:5469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5470", "reference_id": "RHSA-2022:5470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5472", "reference_id": "RHSA-2022:5472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5473", "reference_id": "RHSA-2022:5473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5474", "reference_id": "RHSA-2022:5474", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5474" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5475", "reference_id": "RHSA-2022:5475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5477", "reference_id": "RHSA-2022:5477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5478", "reference_id": "RHSA-2022:5478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5479", "reference_id": "RHSA-2022:5479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5480", "reference_id": "RHSA-2022:5480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5481", "reference_id": "RHSA-2022:5481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5482", "reference_id": "RHSA-2022:5482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5482" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1757604", "reference_id": "show_bug.cgi?id=1757604", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:28:40Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1757604" }, { "reference_url": "https://usn.ubuntu.com/5475-1/", "reference_id": "USN-5475-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5475-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-31744" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dgm8-wwst-kbe2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1704?format=api", "vulnerability_id": "VCID-dh5x-c794-tqbw", "summary": "If an attacker could control the contents of an iframe sandboxed with allow-popups but not allow-scripts, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26384.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26384.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26384", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00186", "scoring_system": "epss", "scoring_elements": "0.4031", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00186", "scoring_system": "epss", "scoring_elements": "0.40229", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2062221", "reference_id": "2062221", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2062221" }, { "reference_url": "https://security.archlinux.org/AVG-2713", "reference_id": "AVG-2713", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2713" }, { "reference_url": "https://security.archlinux.org/AVG-2714", "reference_id": "AVG-2714", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2714" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-10", "reference_id": "mfsa2022-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-10/", "reference_id": "mfsa2022-10", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:16:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-10/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-11", "reference_id": "mfsa2022-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-11/", "reference_id": "mfsa2022-11", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:16:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-11/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-12", "reference_id": "mfsa2022-12", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-12" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-12/", "reference_id": "mfsa2022-12", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:16:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-12/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0815", "reference_id": "RHSA-2022:0815", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0816", "reference_id": "RHSA-2022:0816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0817", "reference_id": "RHSA-2022:0817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0818", "reference_id": "RHSA-2022:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0824", "reference_id": "RHSA-2022:0824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0843", "reference_id": "RHSA-2022:0843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0845", "reference_id": "RHSA-2022:0845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0847", "reference_id": "RHSA-2022:0847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0850", "reference_id": "RHSA-2022:0850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0850" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0853", "reference_id": "RHSA-2022:0853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0853" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1744352", "reference_id": "show_bug.cgi?id=1744352", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:16:17Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1744352" }, { "reference_url": "https://usn.ubuntu.com/5321-1/", "reference_id": "USN-5321-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5321-1/" }, { "reference_url": "https://usn.ubuntu.com/5321-2/", "reference_id": "USN-5321-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5321-2/" }, { "reference_url": "https://usn.ubuntu.com/5345-1/", "reference_id": "USN-5345-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5345-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-26384" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dh5x-c794-tqbw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1813?format=api", "vulnerability_id": "VCID-dnd5-9xgp-u7h9", "summary": "Firefox's HTML parser did not correctly interpret HTML comment tags, resulting in an incongruity with other browsers. This could have been used to escape HTML comments on pages that put user-controlled data in them.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31743", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00498", "scoring_system": "epss", "scoring_elements": "0.66213", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00498", "scoring_system": "epss", "scoring_elements": "0.66264", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31743" }, { "reference_url": "https://security.archlinux.org/AVG-2760", "reference_id": "AVG-2760", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2760" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-20/", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:29:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-20/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1747388", "reference_id": "show_bug.cgi?id=1747388", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:29:49Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1747388" }, { "reference_url": "https://usn.ubuntu.com/5475-1/", "reference_id": "USN-5475-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5475-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-31743" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dnd5-9xgp-u7h9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1769?format=api", "vulnerability_id": "VCID-du9t-tmex-akfm", "summary": "Mozilla developers and community members Nika Layzell, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 91.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28289.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28289.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-28289", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00704", "scoring_system": "epss", "scoring_elements": "0.72505", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00704", "scoring_system": "epss", "scoring_elements": "0.72463", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-28289" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072566", "reference_id": "2072566", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072566" }, { "reference_url": "https://security.archlinux.org/AVG-2711", "reference_id": "AVG-2711", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2711" }, { "reference_url": "https://security.archlinux.org/AVG-2712", "reference_id": "AVG-2712", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2712" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1663508%2C1744525%2C1753508%2C1757476%2C1757805%2C1758549%2C1758776", "reference_id": "buglist.cgi?bug_id=1663508%2C1744525%2C1753508%2C1757476%2C1757805%2C1758549%2C1758776", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T13:59:30Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1663508%2C1744525%2C1753508%2C1757476%2C1757805%2C1758549%2C1758776" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-13", "reference_id": "mfsa2022-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-13/", "reference_id": "mfsa2022-13", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T13:59:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-14", "reference_id": "mfsa2022-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-14/", "reference_id": "mfsa2022-14", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T13:59:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-15", "reference_id": "mfsa2022-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-15/", "reference_id": "mfsa2022-15", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T13:59:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-15/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1283", "reference_id": "RHSA-2022:1283", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1283" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1284", "reference_id": "RHSA-2022:1284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1285", "reference_id": "RHSA-2022:1285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1286", "reference_id": "RHSA-2022:1286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1287", "reference_id": "RHSA-2022:1287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1301", "reference_id": "RHSA-2022:1301", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1301" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1302", "reference_id": "RHSA-2022:1302", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1302" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1303", "reference_id": "RHSA-2022:1303", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1303" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1305", "reference_id": "RHSA-2022:1305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1326", "reference_id": "RHSA-2022:1326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1326" }, { "reference_url": "https://usn.ubuntu.com/5370-1/", "reference_id": "USN-5370-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5370-1/" }, { "reference_url": "https://usn.ubuntu.com/5393-1/", "reference_id": "USN-5393-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5393-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-28289" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-du9t-tmex-akfm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1806?format=api", "vulnerability_id": "VCID-ew5u-u3zx-87cv", "summary": "When downloading an update for an addon, the downloaded addon update's version was not verified to match the version selected from the manifest. If the manifest had been tampered with on the server, an attacker could trick the browser into downgrading the addon to a prior version.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34471", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28679", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28606", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34471" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-24/", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:48:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-24/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1766047", "reference_id": "show_bug.cgi?id=1766047", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:48:29Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1766047" }, { "reference_url": "https://usn.ubuntu.com/5504-1/", "reference_id": "USN-5504-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5504-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-34471" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ew5u-u3zx-87cv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1712?format=api", "vulnerability_id": "VCID-f31y-6u4c-t3a9", "summary": "Requests initiated through reader mode did not properly omit cookies with a SameSite attribute.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29912.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29912.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-29912", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.6233", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.62281", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-29912" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081472", "reference_id": "2081472", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081472" }, { "reference_url": "https://security.archlinux.org/AVG-2709", "reference_id": "AVG-2709", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2709" }, { "reference_url": "https://security.archlinux.org/AVG-2710", "reference_id": "AVG-2710", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2710" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-16", "reference_id": "mfsa2022-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-16/", "reference_id": "mfsa2022-16", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T20:01:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-17", "reference_id": "mfsa2022-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-17/", "reference_id": "mfsa2022-17", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T20:01:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-17/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-18", "reference_id": "mfsa2022-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-18/", "reference_id": "mfsa2022-18", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T20:01:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-18/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1701", "reference_id": "RHSA-2022:1701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1701" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1702", "reference_id": "RHSA-2022:1702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1703", "reference_id": "RHSA-2022:1703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1704", "reference_id": "RHSA-2022:1704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1705", "reference_id": "RHSA-2022:1705", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1705" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1724", "reference_id": "RHSA-2022:1724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1725", "reference_id": "RHSA-2022:1725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1726", "reference_id": "RHSA-2022:1726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1727", "reference_id": "RHSA-2022:1727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1730", "reference_id": "RHSA-2022:1730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4589", "reference_id": "RHSA-2022:4589", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4589" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4590", "reference_id": "RHSA-2022:4590", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4590" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1692655", "reference_id": "show_bug.cgi?id=1692655", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T20:01:23Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1692655" }, { "reference_url": "https://usn.ubuntu.com/5411-1/", "reference_id": "USN-5411-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5411-1/" }, { "reference_url": "https://usn.ubuntu.com/5435-1/", "reference_id": "USN-5435-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5435-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-29912" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f31y-6u4c-t3a9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1781?format=api", "vulnerability_id": "VCID-f9nt-79kq-6kbf", "summary": "When exiting fullscreen mode, an iframe could have confused the browser about the current state of fullscreen, resulting in potential user confusion or spoofing attacks.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31738.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31738.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31738", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58554", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58507", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092021", "reference_id": "2092021", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092021" }, { "reference_url": "https://security.archlinux.org/AVG-2760", "reference_id": "AVG-2760", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2760" }, { "reference_url": "https://security.archlinux.org/AVG-2761", "reference_id": "AVG-2761", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2761" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-20/", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T13:54:02Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-21/", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T13:54:02Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-22/", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T13:54:02Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-22/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4870", "reference_id": "RHSA-2022:4870", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4870" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4871", "reference_id": "RHSA-2022:4871", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4871" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4872", "reference_id": "RHSA-2022:4872", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4872" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4873", "reference_id": "RHSA-2022:4873", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4875", "reference_id": "RHSA-2022:4875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4876", "reference_id": "RHSA-2022:4876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4887", "reference_id": "RHSA-2022:4887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4888", "reference_id": "RHSA-2022:4888", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4888" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4889", "reference_id": "RHSA-2022:4889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4890", "reference_id": "RHSA-2022:4890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4891", "reference_id": "RHSA-2022:4891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4892", "reference_id": "RHSA-2022:4892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4892" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1756388", "reference_id": "show_bug.cgi?id=1756388", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T13:54:02Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1756388" }, { "reference_url": "https://usn.ubuntu.com/5475-1/", "reference_id": "USN-5475-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5475-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-31738" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f9nt-79kq-6kbf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1823?format=api", "vulnerability_id": "VCID-fmy7-eawb-5ud7", "summary": "The sourceMapURL feature in devtools was missing security checks that would have allowed a webpage to attempt to include local files or other files that should have been inaccessible.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-28283", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55669", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55726", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-28283" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/AVG-2711", "reference_id": "AVG-2711", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2711" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-13", "reference_id": "mfsa2022-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-13/", "reference_id": "mfsa2022-13", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:14:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-13/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1754066", "reference_id": "show_bug.cgi?id=1754066", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:14:12Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1754066" }, { "reference_url": "https://usn.ubuntu.com/5370-1/", "reference_id": "USN-5370-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5370-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-28283" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fmy7-eawb-5ud7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1705?format=api", "vulnerability_id": "VCID-fn1d-vq36-mkeu", "summary": "When installing an add-on, Thunderbird verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Thunderbird would not have noticed.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26387.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26387.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26387", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46738", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46671", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2062222", "reference_id": "2062222", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2062222" }, { "reference_url": "https://security.archlinux.org/AVG-2713", "reference_id": "AVG-2713", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2713" }, { "reference_url": "https://security.archlinux.org/AVG-2714", "reference_id": "AVG-2714", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2714" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-10", "reference_id": "mfsa2022-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-10/", "reference_id": "mfsa2022-10", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T20:10:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-10/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-11", "reference_id": "mfsa2022-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-11/", "reference_id": "mfsa2022-11", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T20:10:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-11/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-12", "reference_id": "mfsa2022-12", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-12" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-12/", "reference_id": "mfsa2022-12", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T20:10:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-12/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0815", "reference_id": "RHSA-2022:0815", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0816", "reference_id": "RHSA-2022:0816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0817", "reference_id": "RHSA-2022:0817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0818", "reference_id": "RHSA-2022:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0824", "reference_id": "RHSA-2022:0824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0843", "reference_id": "RHSA-2022:0843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0845", "reference_id": "RHSA-2022:0845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0847", "reference_id": "RHSA-2022:0847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0850", "reference_id": "RHSA-2022:0850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0850" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0853", "reference_id": "RHSA-2022:0853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0853" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1752979", "reference_id": "show_bug.cgi?id=1752979", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T20:10:36Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1752979" }, { "reference_url": "https://usn.ubuntu.com/5321-1/", "reference_id": "USN-5321-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5321-1/" }, { "reference_url": "https://usn.ubuntu.com/5321-2/", "reference_id": "USN-5321-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5321-2/" }, { "reference_url": "https://usn.ubuntu.com/5345-1/", "reference_id": "USN-5345-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5345-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-26387" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fn1d-vq36-mkeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1860?format=api", "vulnerability_id": "VCID-fr7u-m88d-bqch", "summary": "While the text displayed in Autofill tooltips cannot be directly read by JavaScript, the text was rendered using page fonts. Side-channel attacks on the text by using specially crafted fonts could have lead to this text being inferred by the webpage.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26382", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39692", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39778", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26382" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/AVG-2714", "reference_id": "AVG-2714", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2714" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-10", "reference_id": "mfsa2022-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-10/", "reference_id": "mfsa2022-10", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:26:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-10/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1741888", "reference_id": "show_bug.cgi?id=1741888", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:26:09Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1741888" }, { "reference_url": "https://usn.ubuntu.com/5321-1/", "reference_id": "USN-5321-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5321-1/" }, { "reference_url": "https://usn.ubuntu.com/5321-2/", "reference_id": "USN-5321-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5321-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-26382" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fr7u-m88d-bqch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1809?format=api", "vulnerability_id": "VCID-fug4-fdx3-47d3", "summary": "SVG <use> tags that referenced a same-origin document could have resulted in script execution if attacker input was sanitized via the HTML Sanitizer API. This would have required the attacker to reference a same-origin JavaScript file containing the script to be executed.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34475", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.72005", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71965", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34475" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-24/", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T19:29:25Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-24/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1757210", "reference_id": "show_bug.cgi?id=1757210", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T19:29:25Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1757210" }, { "reference_url": "https://usn.ubuntu.com/5504-1/", "reference_id": "USN-5504-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5504-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-34475" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fug4-fdx3-47d3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1767?format=api", "vulnerability_id": "VCID-gphr-qsyj-63gz", "summary": "Due to a layout change, iframe contents could have been rendered outside of its border. This could have led to user confusion or spoofing attacks.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28286.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28286.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-28286", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.578", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57748", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-28286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072564", "reference_id": "2072564", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072564" }, { "reference_url": "https://security.archlinux.org/AVG-2711", "reference_id": "AVG-2711", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2711" }, { "reference_url": "https://security.archlinux.org/AVG-2712", "reference_id": "AVG-2712", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2712" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-13", "reference_id": "mfsa2022-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-13/", "reference_id": "mfsa2022-13", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:02:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-14", "reference_id": "mfsa2022-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-14/", "reference_id": "mfsa2022-14", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:02:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-15", "reference_id": "mfsa2022-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-15/", "reference_id": "mfsa2022-15", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:02:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-15/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1283", "reference_id": "RHSA-2022:1283", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1283" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1284", "reference_id": "RHSA-2022:1284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1285", "reference_id": "RHSA-2022:1285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1286", "reference_id": "RHSA-2022:1286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1287", "reference_id": "RHSA-2022:1287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1301", "reference_id": "RHSA-2022:1301", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1301" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1302", "reference_id": "RHSA-2022:1302", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1302" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1303", "reference_id": "RHSA-2022:1303", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1303" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1305", "reference_id": "RHSA-2022:1305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1326", "reference_id": "RHSA-2022:1326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1326" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1735265", "reference_id": "show_bug.cgi?id=1735265", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:02:32Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1735265" }, { "reference_url": "https://usn.ubuntu.com/5370-1/", "reference_id": "USN-5370-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5370-1/" }, { "reference_url": "https://usn.ubuntu.com/5393-1/", "reference_id": "USN-5393-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5393-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-28286" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gphr-qsyj-63gz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1854?format=api", "vulnerability_id": "VCID-gtat-vu5d-7qgu", "summary": "If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1802.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1802.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1802", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.67932", "scoring_system": "epss", "scoring_elements": "0.98607", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.67932", "scoring_system": "epss", "scoring_elements": "0.98606", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089217", "reference_id": "2089217", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089217" }, { "reference_url": "https://security.archlinux.org/AVG-2728", "reference_id": "AVG-2728", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2728" }, { "reference_url": "https://security.archlinux.org/AVG-2729", "reference_id": "AVG-2729", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2729" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-19", "reference_id": "mfsa2022-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-19" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-19/", "reference_id": "mfsa2022-19", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T15:16:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-19/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4729", "reference_id": "RHSA-2022:4729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4730", "reference_id": "RHSA-2022:4730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4765", "reference_id": "RHSA-2022:4765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4766", "reference_id": "RHSA-2022:4766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4767", "reference_id": "RHSA-2022:4767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4768", "reference_id": "RHSA-2022:4768", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4768" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4769", "reference_id": "RHSA-2022:4769", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4769" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4770", "reference_id": "RHSA-2022:4770", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4770" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4772", "reference_id": "RHSA-2022:4772", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4772" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4773", "reference_id": "RHSA-2022:4773", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4773" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4774", "reference_id": "RHSA-2022:4774", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4774" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4776", "reference_id": "RHSA-2022:4776", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4776" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1770137", "reference_id": "show_bug.cgi?id=1770137", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T15:16:27Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1770137" }, { "reference_url": "https://usn.ubuntu.com/5434-1/", "reference_id": "USN-5434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5434-1/" }, { "reference_url": "https://usn.ubuntu.com/5435-1/", "reference_id": "USN-5435-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5435-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-1802" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gtat-vu5d-7qgu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1779?format=api", "vulnerability_id": "VCID-hgcq-j17a-73g2", "summary": "A malicious website could have learned the size of a cross-origin resource that supported Range requests.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31736.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31736.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31736", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61523", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61475", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31736" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092018", "reference_id": "2092018", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092018" }, { "reference_url": "https://security.archlinux.org/AVG-2760", "reference_id": "AVG-2760", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2760" }, { "reference_url": "https://security.archlinux.org/AVG-2761", "reference_id": "AVG-2761", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2761" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-20/", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T14:56:54Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-21/", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T14:56:54Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-22/", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T14:56:54Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-22/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4870", "reference_id": "RHSA-2022:4870", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4870" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4871", "reference_id": "RHSA-2022:4871", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4871" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4872", "reference_id": "RHSA-2022:4872", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4872" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4873", "reference_id": "RHSA-2022:4873", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4875", "reference_id": "RHSA-2022:4875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4876", "reference_id": "RHSA-2022:4876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4887", "reference_id": "RHSA-2022:4887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4888", "reference_id": "RHSA-2022:4888", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4888" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4889", "reference_id": "RHSA-2022:4889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4890", "reference_id": "RHSA-2022:4890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4891", "reference_id": "RHSA-2022:4891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4892", "reference_id": "RHSA-2022:4892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4892" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1735923", "reference_id": "show_bug.cgi?id=1735923", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T14:56:54Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1735923" }, { "reference_url": "https://usn.ubuntu.com/5475-1/", "reference_id": "USN-5475-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5475-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-31736" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hgcq-j17a-73g2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1816?format=api", "vulnerability_id": "VCID-j4qf-hfjp-5yct", "summary": "Mozilla developers Gabriele Svelto, Timothy Nikkel, Randell Jesup, Jon Coppeard, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31748", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00607", "scoring_system": "epss", "scoring_elements": "0.70057", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00607", "scoring_system": "epss", "scoring_elements": "0.70098", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31748" }, { "reference_url": "https://security.archlinux.org/AVG-2760", "reference_id": "AVG-2760", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2760" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1713773%2C1762201%2C1762469%2C1762770%2C1764878%2C1765226%2C1765782%2C1765973%2C1767177%2C1767181%2C1768232%2C1768251%2C1769869", "reference_id": "buglist.cgi?bug_id=1713773%2C1762201%2C1762469%2C1762770%2C1764878%2C1765226%2C1765782%2C1765973%2C1767177%2C1767181%2C1768232%2C1768251%2C1769869", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T18:21:24Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1713773%2C1762201%2C1762469%2C1762770%2C1764878%2C1765226%2C1765782%2C1765973%2C1767177%2C1767181%2C1768232%2C1768251%2C1769869" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-20/", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T18:21:24Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-20/" }, { "reference_url": "https://usn.ubuntu.com/5475-1/", "reference_id": "USN-5475-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5475-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-31748" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j4qf-hfjp-5yct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1713?format=api", "vulnerability_id": "VCID-jf7m-tfa7-rkf1", "summary": "Mozilla developers Andrew McCreight, Gabriele Svelto, Tom Ritter and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99 and Firefox ESR 91.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29917.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29917.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-29917", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57329", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57277", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-29917" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081473", "reference_id": "2081473", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081473" }, { "reference_url": "https://security.archlinux.org/AVG-2709", "reference_id": "AVG-2709", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2709" }, { "reference_url": "https://security.archlinux.org/AVG-2710", "reference_id": "AVG-2710", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2710" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1684739%2C1706441%2C1753298%2C1762614%2C1762620%2C1764778", "reference_id": "buglist.cgi?bug_id=1684739%2C1706441%2C1753298%2C1762614%2C1762620%2C1764778", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:06:01Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1684739%2C1706441%2C1753298%2C1762614%2C1762620%2C1764778" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-16", "reference_id": "mfsa2022-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-16/", "reference_id": "mfsa2022-16", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:06:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-17", "reference_id": "mfsa2022-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-17/", "reference_id": "mfsa2022-17", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:06:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-17/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-18", "reference_id": "mfsa2022-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-18/", "reference_id": "mfsa2022-18", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:06:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-18/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1701", "reference_id": "RHSA-2022:1701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1701" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1702", "reference_id": "RHSA-2022:1702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1703", "reference_id": "RHSA-2022:1703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1704", "reference_id": "RHSA-2022:1704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1705", "reference_id": "RHSA-2022:1705", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1705" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1724", "reference_id": "RHSA-2022:1724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1725", "reference_id": "RHSA-2022:1725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1726", "reference_id": "RHSA-2022:1726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1727", "reference_id": "RHSA-2022:1727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1730", "reference_id": "RHSA-2022:1730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4589", "reference_id": "RHSA-2022:4589", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4589" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4590", "reference_id": "RHSA-2022:4590", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4590" }, { "reference_url": "https://usn.ubuntu.com/5411-1/", "reference_id": "USN-5411-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5411-1/" }, { "reference_url": "https://usn.ubuntu.com/5435-1/", "reference_id": "USN-5435-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5435-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-29917" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jf7m-tfa7-rkf1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1722?format=api", "vulnerability_id": "VCID-kemt-xhv2-u7aq", "summary": "The ms-msdt, search, and search-ms protocols deliver content to Microsoft applications, bypassing the browser, when a user accepts a prompt. These applications have had known vulnerabilities, exploited in the wild (although we know of none exploited through Firefox), so in this release Firefox has blocked these protocols from prompting the user to open them.*This bug only affects Firefox on Windows. Other operating systems are unaffected.*", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34478.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34478.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34478", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35137", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35041", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34478" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102167", "reference_id": "2102167", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102167" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-24/", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:14:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-24/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-25/", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:14:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-25/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-26/", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:14:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-26/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1773717", "reference_id": "show_bug.cgi?id=1773717", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:14:23Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1773717" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-34478" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kemt-xhv2-u7aq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1807?format=api", "vulnerability_id": "VCID-knjh-ah43-mycg", "summary": "Within the lg_init() function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34480.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34480.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34480", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60972", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.61021", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34480" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359028", "reference_id": "2359028", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359028" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-24/", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:54:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-24/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1454072", "reference_id": "show_bug.cgi?id=1454072", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:54:01Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1454072" }, { "reference_url": "https://usn.ubuntu.com/5504-1/", "reference_id": "USN-5504-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5504-1/" }, { "reference_url": "https://usn.ubuntu.com/5506-1/", "reference_id": "USN-5506-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5506-1/" }, { "reference_url": "https://usn.ubuntu.com/5872-1/", "reference_id": "USN-5872-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5872-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-34480" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-knjh-ah43-mycg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1803?format=api", "vulnerability_id": "VCID-m13c-26h4-yffd", "summary": "ASN.1 parsing of an indefinite SEQUENCE inside an indefinite GROUP could have resulted in the parser accepting malformed ASN.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34476", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00571", "scoring_system": "epss", "scoring_elements": "0.69037", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00571", "scoring_system": "epss", "scoring_elements": "0.68997", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34476" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-24/", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T18:26:43Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-24/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1387919", "reference_id": "show_bug.cgi?id=1387919", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T18:26:43Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1387919" }, { "reference_url": "https://usn.ubuntu.com/5504-1/", "reference_id": "USN-5504-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5504-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-34476" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m13c-26h4-yffd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1818?format=api", "vulnerability_id": "VCID-m2zd-45v4-mbbj", "summary": "When loading a script with Subresource Integrity, attackers with an injection capability could trigger the reuse of previously cached entries with incorrect, different integrity metadata.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-36315", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36451", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36358", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-36315" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-28", "reference_id": "mfsa2022-28", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-28" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-28/", "reference_id": "mfsa2022-28", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:19:25Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-28/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1762520", "reference_id": "show_bug.cgi?id=1762520", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:19:25Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1762520" }, { "reference_url": "https://usn.ubuntu.com/5536-1/", "reference_id": "USN-5536-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5536-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-36315" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m2zd-45v4-mbbj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1708?format=api", "vulnerability_id": "VCID-mdqf-k97m-h3hx", "summary": "When reusing existing popups Firefox would have allowed them to cover the fullscreen notification UI, which could have enabled browser spoofing attacks.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29914.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29914.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-29914", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.4716", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47096", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-29914" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081468", "reference_id": "2081468", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081468" }, { "reference_url": "https://security.archlinux.org/AVG-2709", "reference_id": "AVG-2709", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2709" }, { "reference_url": "https://security.archlinux.org/AVG-2710", "reference_id": "AVG-2710", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2710" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-16", "reference_id": "mfsa2022-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-16/", "reference_id": "mfsa2022-16", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T19:58:16Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-17", "reference_id": "mfsa2022-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-17/", "reference_id": "mfsa2022-17", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T19:58:16Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-17/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-18", "reference_id": "mfsa2022-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-18/", "reference_id": "mfsa2022-18", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T19:58:16Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-18/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1701", "reference_id": "RHSA-2022:1701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1701" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1702", "reference_id": "RHSA-2022:1702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1703", "reference_id": "RHSA-2022:1703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1704", "reference_id": "RHSA-2022:1704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1705", "reference_id": "RHSA-2022:1705", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1705" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1724", "reference_id": "RHSA-2022:1724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1725", "reference_id": "RHSA-2022:1725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1726", "reference_id": "RHSA-2022:1726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1727", "reference_id": "RHSA-2022:1727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1730", "reference_id": "RHSA-2022:1730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4589", "reference_id": "RHSA-2022:4589", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4589" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4590", "reference_id": "RHSA-2022:4590", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4590" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1746448", "reference_id": "show_bug.cgi?id=1746448", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T19:58:16Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1746448" }, { "reference_url": "https://usn.ubuntu.com/5411-1/", "reference_id": "USN-5411-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5411-1/" }, { "reference_url": "https://usn.ubuntu.com/5435-1/", "reference_id": "USN-5435-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5435-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-29914" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mdqf-k97m-h3hx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1798?format=api", "vulnerability_id": "VCID-me5q-nc1u-nudh", "summary": "An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26486.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26486.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26486", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02529", "scoring_system": "epss", "scoring_elements": "0.85708", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02529", "scoring_system": "epss", "scoring_elements": "0.85731", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26486" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26485", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26485" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26486", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26486" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061735", "reference_id": "2061735", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061735" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-09", "reference_id": "mfsa2022-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-09/", "reference_id": "mfsa2022-09", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-28T21:24:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-09/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0815", "reference_id": "RHSA-2022:0815", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0816", "reference_id": "RHSA-2022:0816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0817", "reference_id": "RHSA-2022:0817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0818", "reference_id": "RHSA-2022:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0824", "reference_id": "RHSA-2022:0824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0843", "reference_id": "RHSA-2022:0843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0845", "reference_id": "RHSA-2022:0845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0847", "reference_id": "RHSA-2022:0847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0850", "reference_id": "RHSA-2022:0850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0850" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0853", "reference_id": "RHSA-2022:0853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0853" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1758070", "reference_id": "show_bug.cgi?id=1758070", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-28T21:24:00Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1758070" }, { "reference_url": "https://usn.ubuntu.com/5314-1/", "reference_id": "USN-5314-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5314-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-26486" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-me5q-nc1u-nudh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1714?format=api", "vulnerability_id": "VCID-mu7w-p8w8-hbfr", "summary": "When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36319.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36319.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-36319", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36338", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36244", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-36319" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36318", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36318" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36319", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36319" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2111907", "reference_id": "2111907", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2111907" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-28", "reference_id": "mfsa2022-28", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-28" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-28/", "reference_id": "mfsa2022-28", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-15T16:59:22Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-28/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-29", "reference_id": "mfsa2022-29", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-29/", "reference_id": "mfsa2022-29", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-15T16:59:22Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-30", "reference_id": "mfsa2022-30", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-30/", "reference_id": "mfsa2022-30", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-15T16:59:22Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-31", "reference_id": "mfsa2022-31", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-31" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-31/", "reference_id": "mfsa2022-31", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-15T16:59:22Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-31/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-32", "reference_id": "mfsa2022-32", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-32/", "reference_id": "mfsa2022-32", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-15T16:59:22Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-32/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5765", "reference_id": "RHSA-2022:5765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5766", "reference_id": "RHSA-2022:5766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5767", "reference_id": "RHSA-2022:5767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5769", "reference_id": "RHSA-2022:5769", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5769" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5770", "reference_id": "RHSA-2022:5770", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5770" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5771", "reference_id": "RHSA-2022:5771", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5771" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5772", "reference_id": "RHSA-2022:5772", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5772" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5773", "reference_id": "RHSA-2022:5773", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5773" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5774", "reference_id": "RHSA-2022:5774", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5774" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5776", "reference_id": "RHSA-2022:5776", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5776" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5777", "reference_id": "RHSA-2022:5777", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5777" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5778", "reference_id": "RHSA-2022:5778", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5778" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1737722", "reference_id": "show_bug.cgi?id=1737722", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-15T16:59:22Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1737722" }, { "reference_url": "https://usn.ubuntu.com/5536-1/", "reference_id": "USN-5536-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5536-1/" }, { "reference_url": "https://usn.ubuntu.com/5663-1/", "reference_id": "USN-5663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-36319" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mu7w-p8w8-hbfr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1768?format=api", "vulnerability_id": "VCID-nm7b-hwnd-eud6", "summary": "The rust regex crate did not properly prevent crafted regular expressions from taking an arbitrary amount of time during parsing. If an attacker was able to supply input to this crate, they could have caused a denial of service in the browser.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24713.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24713.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24713", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10404", "scoring_system": "epss", "scoring_elements": "0.93359", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.10404", "scoring_system": "epss", "scoring_elements": "0.93348", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/rust-lang/regex", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rust-lang/regex" }, { "reference_url": "https://github.com/rust-lang/regex/commit/ae70b41d4f46641dbc45c7a4f87954aea356283e", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:58Z/" } ], "url": "https://github.com/rust-lang/regex/commit/ae70b41d4f46641dbc45c7a4f87954aea356283e" }, { "reference_url": "https://github.com/rust-lang/regex/security/advisories/GHSA-m5pq-gvj9-9vr8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:58Z/" } ], "url": "https://github.com/rust-lang/regex/security/advisories/GHSA-m5pq-gvj9-9vr8" }, { "reference_url": "https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:58Z/" } ], "url": "https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00003.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:58Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00003.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:58Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00009.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JANLZ3JXWJR7FSHE57K66UIZUIJZI67T", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JANLZ3JXWJR7FSHE57K66UIZUIJZI67T" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JANLZ3JXWJR7FSHE57K66UIZUIJZI67T/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JANLZ3JXWJR7FSHE57K66UIZUIJZI67T/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3YB7CURSG64CIPCDPNMGPE4UU24AB6H", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3YB7CURSG64CIPCDPNMGPE4UU24AB6H" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3YB7CURSG64CIPCDPNMGPE4UU24AB6H/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3YB7CURSG64CIPCDPNMGPE4UU24AB6H/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PDOWTHNVGBOP2HN27PUFIGRYNSNDTYRJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PDOWTHNVGBOP2HN27PUFIGRYNSNDTYRJ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PDOWTHNVGBOP2HN27PUFIGRYNSNDTYRJ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PDOWTHNVGBOP2HN27PUFIGRYNSNDTYRJ/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24713", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24713" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2022-0013.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2022-0013.html" }, { "reference_url": "https://security.gentoo.org/glsa/202208-08", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:58Z/" } ], "url": "https://security.gentoo.org/glsa/202208-08" }, { "reference_url": "https://security.gentoo.org/glsa/202208-14", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:58Z/" } ], "url": "https://security.gentoo.org/glsa/202208-14" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5113", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:58Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5113" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5118", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:58Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5118" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1007176", "reference_id": "1007176", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1007176" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072565", "reference_id": "2072565", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072565" }, { "reference_url": "https://security.archlinux.org/AVG-2711", "reference_id": "AVG-2711", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2711" }, { "reference_url": "https://security.archlinux.org/AVG-2712", "reference_id": "AVG-2712", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2712" }, { "reference_url": "https://github.com/advisories/GHSA-m5pq-gvj9-9vr8", "reference_id": "GHSA-m5pq-gvj9-9vr8", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m5pq-gvj9-9vr8" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JANLZ3JXWJR7FSHE57K66UIZUIJZI67T/", "reference_id": "JANLZ3JXWJR7FSHE57K66UIZUIJZI67T", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:58Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JANLZ3JXWJR7FSHE57K66UIZUIJZI67T/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-13", "reference_id": "mfsa2022-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-14", "reference_id": "mfsa2022-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-15", "reference_id": "mfsa2022-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-15" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3YB7CURSG64CIPCDPNMGPE4UU24AB6H/", "reference_id": "O3YB7CURSG64CIPCDPNMGPE4UU24AB6H", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:58Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3YB7CURSG64CIPCDPNMGPE4UU24AB6H/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PDOWTHNVGBOP2HN27PUFIGRYNSNDTYRJ/", "reference_id": "PDOWTHNVGBOP2HN27PUFIGRYNSNDTYRJ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:58Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PDOWTHNVGBOP2HN27PUFIGRYNSNDTYRJ/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1283", "reference_id": "RHSA-2022:1283", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1283" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1284", "reference_id": "RHSA-2022:1284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1285", "reference_id": "RHSA-2022:1285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1286", "reference_id": "RHSA-2022:1286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1287", "reference_id": "RHSA-2022:1287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1301", "reference_id": "RHSA-2022:1301", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1301" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1302", "reference_id": "RHSA-2022:1302", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1302" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1303", "reference_id": "RHSA-2022:1303", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1303" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1305", "reference_id": "RHSA-2022:1305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1326", "reference_id": "RHSA-2022:1326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1326" }, { "reference_url": "https://usn.ubuntu.com/5370-1/", "reference_id": "USN-5370-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5370-1/" }, { "reference_url": "https://usn.ubuntu.com/5610-1/", "reference_id": "USN-5610-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5610-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-24713", "GHSA-m5pq-gvj9-9vr8" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nm7b-hwnd-eud6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1765?format=api", "vulnerability_id": "VCID-nwsq-gzra-v3b4", "summary": "By using a link with rel=\"localization\" a use-after-free could have been triggered by destroying an object during JavaScript execution and then referencing the object through a freed pointer, leading to a potential exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28282.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28282.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-28282", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08076", "scoring_system": "epss", "scoring_elements": "0.92304", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.08076", "scoring_system": "epss", "scoring_elements": "0.9229", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-28282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072562", "reference_id": "2072562", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072562" }, { "reference_url": "https://security.archlinux.org/AVG-2711", "reference_id": "AVG-2711", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2711" }, { "reference_url": "https://security.archlinux.org/AVG-2712", "reference_id": "AVG-2712", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2712" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-13", "reference_id": "mfsa2022-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-13/", "reference_id": "mfsa2022-13", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T20:08:53Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-14", "reference_id": "mfsa2022-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-14/", "reference_id": "mfsa2022-14", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T20:08:53Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-15", "reference_id": "mfsa2022-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-15/", "reference_id": "mfsa2022-15", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T20:08:53Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-15/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1283", "reference_id": "RHSA-2022:1283", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1283" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1284", "reference_id": "RHSA-2022:1284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1285", "reference_id": "RHSA-2022:1285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1286", "reference_id": "RHSA-2022:1286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1287", "reference_id": "RHSA-2022:1287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1301", "reference_id": "RHSA-2022:1301", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1301" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1302", "reference_id": "RHSA-2022:1302", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1302" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1303", "reference_id": "RHSA-2022:1303", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1303" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1305", "reference_id": "RHSA-2022:1305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1326", "reference_id": "RHSA-2022:1326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1326" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1751609", "reference_id": "show_bug.cgi?id=1751609", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T20:08:53Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1751609" }, { "reference_url": "https://usn.ubuntu.com/5370-1/", "reference_id": "USN-5370-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5370-1/" }, { "reference_url": "https://usn.ubuntu.com/5393-1/", "reference_id": "USN-5393-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5393-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-28282" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nwsq-gzra-v3b4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1820?format=api", "vulnerability_id": "VCID-qtp2-hmv8-xbd8", "summary": "Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-36320", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00494", "scoring_system": "epss", "scoring_elements": "0.66143", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00494", "scoring_system": "epss", "scoring_elements": "0.66091", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-36320" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1759794%2C1760998", "reference_id": "buglist.cgi?bug_id=1759794%2C1760998", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T16:55:17Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1759794%2C1760998" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-28", "reference_id": "mfsa2022-28", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-28" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-28/", "reference_id": "mfsa2022-28", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T16:55:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-28/" }, { "reference_url": "https://usn.ubuntu.com/5536-1/", "reference_id": "USN-5536-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5536-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-36320" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qtp2-hmv8-xbd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1795?format=api", "vulnerability_id": "VCID-quej-mhus-dbgg", "summary": "The Performance API did not properly hide the fact whether a request cross-origin resource has observed redirects.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-29915", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32209", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32281", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-29915" }, { "reference_url": "https://security.archlinux.org/AVG-2709", "reference_id": "AVG-2709", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2709" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-16", "reference_id": "mfsa2022-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-16/", "reference_id": "mfsa2022-16", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:09:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-16/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1751678", "reference_id": "show_bug.cgi?id=1751678", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:09:05Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1751678" }, { "reference_url": "https://usn.ubuntu.com/5411-1/", "reference_id": "USN-5411-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5411-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-29915" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-quej-mhus-dbgg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1826?format=api", "vulnerability_id": "VCID-rdaw-zju9-2kbq", "summary": "Mozilla developers and community members Randell Jesup, Sebastian Hengst, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 98. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-28288", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58382", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58429", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-28288" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/AVG-2711", "reference_id": "AVG-2711", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2711" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1746415%2C1746495%2C1746500%2C1747282%2C1748759%2C1749056%2C1749786%2C1751679%2C1752120%2C1756010%2C1756017%2C1757213%2C1757258%2C1757427", "reference_id": "buglist.cgi?bug_id=1746415%2C1746495%2C1746500%2C1747282%2C1748759%2C1749056%2C1749786%2C1751679%2C1752120%2C1756010%2C1756017%2C1757213%2C1757258%2C1757427", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:00:32Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1746415%2C1746495%2C1746500%2C1747282%2C1748759%2C1749056%2C1749786%2C1751679%2C1752120%2C1756010%2C1756017%2C1757213%2C1757258%2C1757427" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-13", "reference_id": "mfsa2022-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-13/", "reference_id": "mfsa2022-13", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:00:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-13/" }, { "reference_url": "https://usn.ubuntu.com/5370-1/", "reference_id": "USN-5370-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5370-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-28288" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rdaw-zju9-2kbq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1706?format=api", "vulnerability_id": "VCID-s1bx-3697-jqeq", "summary": "An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26381.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26381.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26381", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40725", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40645", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26381" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2062223", "reference_id": "2062223", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2062223" }, { "reference_url": "https://security.archlinux.org/AVG-2713", "reference_id": "AVG-2713", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2713" }, { "reference_url": "https://security.archlinux.org/AVG-2714", "reference_id": "AVG-2714", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2714" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-10", "reference_id": "mfsa2022-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-10/", "reference_id": "mfsa2022-10", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:27:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-10/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-11", "reference_id": "mfsa2022-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-11/", "reference_id": "mfsa2022-11", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:27:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-11/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-12", "reference_id": "mfsa2022-12", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-12" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-12/", "reference_id": "mfsa2022-12", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:27:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-12/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0815", "reference_id": "RHSA-2022:0815", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0816", "reference_id": "RHSA-2022:0816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0817", "reference_id": "RHSA-2022:0817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0818", "reference_id": "RHSA-2022:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0824", "reference_id": "RHSA-2022:0824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0843", "reference_id": "RHSA-2022:0843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0845", "reference_id": "RHSA-2022:0845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0847", "reference_id": "RHSA-2022:0847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0850", "reference_id": "RHSA-2022:0850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0850" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0853", "reference_id": "RHSA-2022:0853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0853" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1736243", "reference_id": "show_bug.cgi?id=1736243", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:27:14Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1736243" }, { "reference_url": "https://usn.ubuntu.com/5321-1/", "reference_id": "USN-5321-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5321-1/" }, { "reference_url": "https://usn.ubuntu.com/5321-2/", "reference_id": "USN-5321-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5321-2/" }, { "reference_url": "https://usn.ubuntu.com/5345-1/", "reference_id": "USN-5345-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5345-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-26381" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s1bx-3697-jqeq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1709?format=api", "vulnerability_id": "VCID-sze6-7w2j-5qgx", "summary": "Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29909.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29909.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-29909", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50502", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50441", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-29909" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081469", "reference_id": "2081469", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081469" }, { "reference_url": "https://security.archlinux.org/AVG-2709", "reference_id": "AVG-2709", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2709" }, { "reference_url": "https://security.archlinux.org/AVG-2710", "reference_id": "AVG-2710", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2710" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-16", "reference_id": "mfsa2022-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-16/", "reference_id": "mfsa2022-16", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T13:47:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-17", "reference_id": "mfsa2022-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-17/", "reference_id": "mfsa2022-17", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T13:47:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-17/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-18", "reference_id": "mfsa2022-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-18/", "reference_id": "mfsa2022-18", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T13:47:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-18/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1701", "reference_id": "RHSA-2022:1701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1701" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1702", "reference_id": "RHSA-2022:1702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1703", "reference_id": "RHSA-2022:1703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1704", "reference_id": "RHSA-2022:1704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1705", "reference_id": "RHSA-2022:1705", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1705" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1724", "reference_id": "RHSA-2022:1724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1725", "reference_id": "RHSA-2022:1725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1726", "reference_id": "RHSA-2022:1726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1727", "reference_id": "RHSA-2022:1727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1730", "reference_id": "RHSA-2022:1730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4589", "reference_id": "RHSA-2022:4589", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4589" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4590", "reference_id": "RHSA-2022:4590", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4590" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1755081", "reference_id": "show_bug.cgi?id=1755081", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T13:47:34Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1755081" }, { "reference_url": "https://usn.ubuntu.com/5411-1/", "reference_id": "USN-5411-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5411-1/" }, { "reference_url": "https://usn.ubuntu.com/5435-1/", "reference_id": "USN-5435-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5435-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-29909" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sze6-7w2j-5qgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1796?format=api", "vulnerability_id": "VCID-t247-5378-u7ay", "summary": "Mozilla developers Gabriele Svelto, Randell Jesup and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-29918", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58382", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58429", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-29918" }, { "reference_url": "https://security.archlinux.org/AVG-2709", "reference_id": "AVG-2709", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2709" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1744043%2C1747178%2C1753535%2C1754017%2C1755847%2C1756172%2C1757477%2C1758223%2C1760160%2C1761481%2C1761771", "reference_id": "buglist.cgi?bug_id=1744043%2C1747178%2C1753535%2C1754017%2C1755847%2C1756172%2C1757477%2C1758223%2C1760160%2C1761481%2C1761771", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:04:30Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1744043%2C1747178%2C1753535%2C1754017%2C1755847%2C1756172%2C1757477%2C1758223%2C1760160%2C1761481%2C1761771" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-16", "reference_id": "mfsa2022-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-16/", "reference_id": "mfsa2022-16", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:04:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-16/" }, { "reference_url": "https://usn.ubuntu.com/5411-1/", "reference_id": "USN-5411-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5411-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-29918" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t247-5378-u7ay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1819?format=api", "vulnerability_id": "VCID-t8a2-18zb-7kde", "summary": "When using the Performance API, an attacker was able to notice subtle differences between PerformanceEntries and thus learn whether the target URL had been subject to a redirect.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-36316", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49656", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49594", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-36316" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-28", "reference_id": "mfsa2022-28", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-28" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-28/", "reference_id": "mfsa2022-28", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:05:41Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-28/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1768583", "reference_id": "show_bug.cgi?id=1768583", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:05:41Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1768583" }, { "reference_url": "https://usn.ubuntu.com/5536-1/", "reference_id": "USN-5536-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5536-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-36316" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t8a2-18zb-7kde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1716?format=api", "vulnerability_id": "VCID-u2rj-qhkw-uqgf", "summary": "A malicious website that could create a popup could have resized the popup to overlay the address bar with its own content, resulting in potential user confusion or spoofing attacks. *This bug only affects Firefox for Linux. Other operating systems are unaffected.*", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34479.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34479.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34479", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.65147", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.65105", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102161", "reference_id": "2102161", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102161" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-24/", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:09:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-24/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-25/", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:09:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-25/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-26/", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:09:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-26/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5469", "reference_id": "RHSA-2022:5469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5470", "reference_id": "RHSA-2022:5470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5472", "reference_id": "RHSA-2022:5472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5473", "reference_id": "RHSA-2022:5473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5474", "reference_id": "RHSA-2022:5474", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5474" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5475", "reference_id": "RHSA-2022:5475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5477", "reference_id": "RHSA-2022:5477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5478", "reference_id": "RHSA-2022:5478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5479", "reference_id": "RHSA-2022:5479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5480", "reference_id": "RHSA-2022:5480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5481", "reference_id": "RHSA-2022:5481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5482", "reference_id": "RHSA-2022:5482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5482" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1745595", "reference_id": "show_bug.cgi?id=1745595", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:09:26Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1745595" }, { "reference_url": "https://usn.ubuntu.com/5504-1/", "reference_id": "USN-5504-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5504-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-34479" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u2rj-qhkw-uqgf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1802?format=api", "vulnerability_id": "VCID-vbs8-en1z-wkha", "summary": "An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from CVE-2022-34482.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34483", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.58124", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.58072", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34483" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-24/", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:43:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-24/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1335845", "reference_id": "show_bug.cgi?id=1335845", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:43:52Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1335845" }, { "reference_url": "https://usn.ubuntu.com/5504-1/", "reference_id": "USN-5504-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5504-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-34483" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vbs8-en1z-wkha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1703?format=api", "vulnerability_id": "VCID-vbwy-936q-27fd", "summary": "When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26383.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26383.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26383", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.71127", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.71084", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2062220", "reference_id": "2062220", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2062220" }, { "reference_url": "https://security.archlinux.org/AVG-2713", "reference_id": "AVG-2713", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2713" }, { "reference_url": "https://security.archlinux.org/AVG-2714", "reference_id": "AVG-2714", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2714" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-10", "reference_id": "mfsa2022-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-10/", "reference_id": "mfsa2022-10", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:19:41Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-10/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-11", "reference_id": "mfsa2022-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-11/", "reference_id": "mfsa2022-11", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:19:41Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-11/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-12", "reference_id": "mfsa2022-12", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-12" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-12/", "reference_id": "mfsa2022-12", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:19:41Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-12/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0815", "reference_id": "RHSA-2022:0815", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0816", "reference_id": "RHSA-2022:0816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0817", "reference_id": "RHSA-2022:0817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0818", "reference_id": "RHSA-2022:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0824", "reference_id": "RHSA-2022:0824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0843", "reference_id": "RHSA-2022:0843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0845", "reference_id": "RHSA-2022:0845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0847", "reference_id": "RHSA-2022:0847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0850", "reference_id": "RHSA-2022:0850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0850" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0853", "reference_id": "RHSA-2022:0853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0853" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1742421", "reference_id": "show_bug.cgi?id=1742421", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:19:41Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1742421" }, { "reference_url": "https://usn.ubuntu.com/5321-1/", "reference_id": "USN-5321-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5321-1/" }, { "reference_url": "https://usn.ubuntu.com/5321-2/", "reference_id": "USN-5321-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5321-2/" }, { "reference_url": "https://usn.ubuntu.com/5345-1/", "reference_id": "USN-5345-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5345-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-26383" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vbwy-936q-27fd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1718?format=api", "vulnerability_id": "VCID-vgjr-7typ-j7dm", "summary": "An iframe that was not permitted to run scripts could do so if the user clicked on a javascript: link.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34468.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34468.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34468", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.6731", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.67269", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34468" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102163", "reference_id": "2102163", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102163" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-24/", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:20:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-24/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-25/", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:20:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-25/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-26/", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:20:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-26/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5469", "reference_id": "RHSA-2022:5469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5470", "reference_id": "RHSA-2022:5470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5472", "reference_id": "RHSA-2022:5472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5473", "reference_id": "RHSA-2022:5473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5474", "reference_id": "RHSA-2022:5474", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5474" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5475", "reference_id": "RHSA-2022:5475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5477", "reference_id": "RHSA-2022:5477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5478", "reference_id": "RHSA-2022:5478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5479", "reference_id": "RHSA-2022:5479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5480", "reference_id": "RHSA-2022:5480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5481", "reference_id": "RHSA-2022:5481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5482", "reference_id": "RHSA-2022:5482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5482" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1768537", "reference_id": "show_bug.cgi?id=1768537", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:20:14Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1768537" }, { "reference_url": "https://usn.ubuntu.com/5504-1/", "reference_id": "USN-5504-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5504-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-34468" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vgjr-7typ-j7dm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1861?format=api", "vulnerability_id": "VCID-vkmr-zg7z-9qay", "summary": "In unusual circumstances, an individual thread may outlive the thread's manager during shutdown. This could have led to a use-after-free causing a potentially exploitable crash.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26385", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46585", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46651", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26385" }, { "reference_url": "https://security.archlinux.org/AVG-2714", "reference_id": "AVG-2714", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2714" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-10", "reference_id": "mfsa2022-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-10/", "reference_id": "mfsa2022-10", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T20:13:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-10/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1747526", "reference_id": "show_bug.cgi?id=1747526", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T20:13:05Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1747526" }, { "reference_url": "https://usn.ubuntu.com/5321-1/", "reference_id": "USN-5321-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5321-1/" }, { "reference_url": "https://usn.ubuntu.com/5321-2/", "reference_id": "USN-5321-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5321-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-26385" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vkmr-zg7z-9qay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1814?format=api", "vulnerability_id": "VCID-xmur-uvzd-eygy", "summary": "If array shift operations are not used, the Garbage Collector may have become confused about valid objects.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31745", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33684", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33785", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31745" }, { "reference_url": "https://security.archlinux.org/AVG-2760", "reference_id": "AVG-2760", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2760" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-20/", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:26:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-20/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1760944", "reference_id": "show_bug.cgi?id=1760944", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:26:18Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1760944" }, { "reference_url": "https://usn.ubuntu.com/5475-1/", "reference_id": "USN-5475-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5475-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-31745" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xmur-uvzd-eygy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1783?format=api", "vulnerability_id": "VCID-xv8k-7bdk-wffg", "summary": "On arm64, WASM code could have resulted in incorrect assembly generation leading to a register allocation problem, and a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31740.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31740.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31740", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00408", "scoring_system": "epss", "scoring_elements": "0.61546", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00408", "scoring_system": "epss", "scoring_elements": "0.61498", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092023", "reference_id": "2092023", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092023" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-20/", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T13:51:22Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-21/", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T13:51:22Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-22/", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T13:51:22Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-22/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4870", "reference_id": "RHSA-2022:4870", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4870" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4871", "reference_id": "RHSA-2022:4871", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4871" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4872", "reference_id": "RHSA-2022:4872", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4872" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4873", "reference_id": "RHSA-2022:4873", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4875", "reference_id": "RHSA-2022:4875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4876", "reference_id": "RHSA-2022:4876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4887", "reference_id": "RHSA-2022:4887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4888", "reference_id": "RHSA-2022:4888", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4888" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4889", "reference_id": "RHSA-2022:4889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4890", "reference_id": "RHSA-2022:4890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4891", "reference_id": "RHSA-2022:4891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4892", "reference_id": "RHSA-2022:4892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4892" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1766806", "reference_id": "show_bug.cgi?id=1766806", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T13:51:22Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1766806" }, { "reference_url": "https://usn.ubuntu.com/5475-1/", "reference_id": "USN-5475-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5475-1/" }, { "reference_url": "https://usn.ubuntu.com/5494-1/", "reference_id": "USN-5494-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5494-1/" }, { "reference_url": "https://usn.ubuntu.com/5512-1/", "reference_id": "USN-5512-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5512-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-31740" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xv8k-7bdk-wffg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1804?format=api", "vulnerability_id": "VCID-xvex-e28y-yfh4", "summary": "Even when an iframe was sandboxed with allow-top-navigation-by-user-activation, if it received a redirect header to an external protocol the browser would process the redirect and prompt the user as appropriate.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34474", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.34989", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.34893", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34474" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-24/", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T19:31:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-24/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1677138", "reference_id": "show_bug.cgi?id=1677138", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T19:31:13Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1677138" }, { "reference_url": "https://usn.ubuntu.com/5504-1/", "reference_id": "USN-5504-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5504-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-34474" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xvex-e28y-yfh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1815?format=api", "vulnerability_id": "VCID-yphf-nte6-8qd6", "summary": "An attacker could have caused an uninitialized variable on the stack to be mistakenly freed, causing a potentially exploitable crash.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1919", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00655", "scoring_system": "epss", "scoring_elements": "0.7133", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00655", "scoring_system": "epss", "scoring_elements": "0.71374", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1919" }, { "reference_url": "https://security.archlinux.org/AVG-2760", "reference_id": "AVG-2760", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2760" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20" }, { "reference_url": "https://usn.ubuntu.com/5475-1/", "reference_id": "USN-5475-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5475-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192514?format=api", "purl": "pkg:ebuild/www-client/firefox@91.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@91.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192515?format=api", "purl": "pkg:ebuild/www-client/firefox@103.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" } ], "aliases": [ "CVE-2022-1919" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yphf-nte6-8qd6" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@103.0" }