Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/firefox-esr@91.11.0esr-1~deb11u1?distro=trixie

Type deb

Namespace debian

Name firefox-esr

Version 91.11.0esr-1~deb11u1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 91.11.0esr-1

Latest_non_vulnerable_version 140.11.0esr-1~deb13u1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-3cga-127u-cuau

vulnerability_id VCID-3cga-127u-cuau

summary A malicious website that could create a popup could have resized the popup to overlay the address bar with its own content, resulting in potential user confusion or spoofing attacks. <br>*This bug only affects Thunderbird for Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34479.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34479.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-34479

reference_id

reference_type

scores

value	0.00474
scoring_system	epss
scoring_elements	0.65308
published_at	2026-06-12T12:55:00Z

value	0.00474
scoring_system	epss
scoring_elements	0.65208
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-34479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2102161
reference_id	2102161
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2102161

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_id

mfsa2022-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2022-24/

reference_id

mfsa2022-24

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:09:26Z/

url

https://www.mozilla.org/security/advisories/mfsa2022-24/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_id

mfsa2022-25

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_url

https://www.mozilla.org/security/advisories/mfsa2022-25/

reference_id

mfsa2022-25

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:09:26Z/

url

https://www.mozilla.org/security/advisories/mfsa2022-25/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_id

mfsa2022-26

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_url

https://www.mozilla.org/security/advisories/mfsa2022-26/

reference_id

mfsa2022-26

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:09:26Z/

url

https://www.mozilla.org/security/advisories/mfsa2022-26/

reference_url	https://access.redhat.com/errata/RHSA-2022:5469
reference_id	RHSA-2022:5469
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5469

reference_url	https://access.redhat.com/errata/RHSA-2022:5470
reference_id	RHSA-2022:5470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5470

reference_url	https://access.redhat.com/errata/RHSA-2022:5472
reference_id	RHSA-2022:5472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5472

reference_url	https://access.redhat.com/errata/RHSA-2022:5473
reference_id	RHSA-2022:5473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5473

reference_url	https://access.redhat.com/errata/RHSA-2022:5474
reference_id	RHSA-2022:5474
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5474

reference_url	https://access.redhat.com/errata/RHSA-2022:5475
reference_id	RHSA-2022:5475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5475

reference_url	https://access.redhat.com/errata/RHSA-2022:5477
reference_id	RHSA-2022:5477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5477

reference_url	https://access.redhat.com/errata/RHSA-2022:5478
reference_id	RHSA-2022:5478
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5478

reference_url	https://access.redhat.com/errata/RHSA-2022:5479
reference_id	RHSA-2022:5479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5479

reference_url	https://access.redhat.com/errata/RHSA-2022:5480
reference_id	RHSA-2022:5480
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5480

reference_url	https://access.redhat.com/errata/RHSA-2022:5481
reference_id	RHSA-2022:5481
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5481

reference_url	https://access.redhat.com/errata/RHSA-2022:5482
reference_id	RHSA-2022:5482
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5482

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1745595

reference_id

show_bug.cgi?id=1745595

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:09:26Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1745595

reference_url	https://usn.ubuntu.com/5504-1/
reference_id	USN-5504-1
reference_type
scores
url	https://usn.ubuntu.com/5504-1/

reference_url	https://usn.ubuntu.com/5512-1/
reference_id	USN-5512-1
reference_type
scores
url	https://usn.ubuntu.com/5512-1/

fixed_packages

url	pkg:deb/debian/firefox-esr@91.11.0esr-1~deb11u1?distro=trixie
purl	pkg:deb/debian/firefox-esr@91.11.0esr-1~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@91.11.0esr-1~deb11u1%3Fdistro=trixie

url	pkg:deb/debian/firefox-esr@91.11.0esr-1?distro=trixie
purl	pkg:deb/debian/firefox-esr@91.11.0esr-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@91.11.0esr-1%3Fdistro=trixie

url	pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie
purl	pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zj6v-hmj8-syfy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zj6v-hmj8-syfy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zj6v-hmj8-syfy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie

aliases CVE-2022-34479

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3cga-127u-cuau

url VCID-3p45-5aqy-hyd5

vulnerability_id VCID-3p45-5aqy-hyd5

summary Session history navigations may have led to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34470.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34470.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-34470

reference_id

reference_type

scores

value	0.00645
scoring_system	epss
scoring_elements	0.71267
published_at	2026-06-12T12:55:00Z

value	0.00645
scoring_system	epss
scoring_elements	0.71177
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-34470

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2102162
reference_id	2102162
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2102162

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_id

mfsa2022-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2022-24/

reference_id

mfsa2022-24

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:51:07Z/

url

https://www.mozilla.org/security/advisories/mfsa2022-24/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_id

mfsa2022-25

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_url

https://www.mozilla.org/security/advisories/mfsa2022-25/

reference_id

mfsa2022-25

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:51:07Z/

url

https://www.mozilla.org/security/advisories/mfsa2022-25/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_id

mfsa2022-26

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_url

https://www.mozilla.org/security/advisories/mfsa2022-26/

reference_id

mfsa2022-26

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:51:07Z/

url

https://www.mozilla.org/security/advisories/mfsa2022-26/

reference_url	https://access.redhat.com/errata/RHSA-2022:5469
reference_id	RHSA-2022:5469
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5469

reference_url	https://access.redhat.com/errata/RHSA-2022:5470
reference_id	RHSA-2022:5470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5470

reference_url	https://access.redhat.com/errata/RHSA-2022:5472
reference_id	RHSA-2022:5472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5472

reference_url	https://access.redhat.com/errata/RHSA-2022:5473
reference_id	RHSA-2022:5473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5473

reference_url	https://access.redhat.com/errata/RHSA-2022:5474
reference_id	RHSA-2022:5474
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5474

reference_url	https://access.redhat.com/errata/RHSA-2022:5475
reference_id	RHSA-2022:5475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5475

reference_url	https://access.redhat.com/errata/RHSA-2022:5477
reference_id	RHSA-2022:5477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5477

reference_url	https://access.redhat.com/errata/RHSA-2022:5478
reference_id	RHSA-2022:5478
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5478

reference_url	https://access.redhat.com/errata/RHSA-2022:5479
reference_id	RHSA-2022:5479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5479

reference_url	https://access.redhat.com/errata/RHSA-2022:5480
reference_id	RHSA-2022:5480
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5480

reference_url	https://access.redhat.com/errata/RHSA-2022:5481
reference_id	RHSA-2022:5481
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5481

reference_url	https://access.redhat.com/errata/RHSA-2022:5482
reference_id	RHSA-2022:5482
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5482

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1765951

reference_id

show_bug.cgi?id=1765951

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:51:07Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1765951

reference_url	https://usn.ubuntu.com/5504-1/
reference_id	USN-5504-1
reference_type
scores
url	https://usn.ubuntu.com/5504-1/

reference_url	https://usn.ubuntu.com/5512-1/
reference_id	USN-5512-1
reference_type
scores
url	https://usn.ubuntu.com/5512-1/

fixed_packages

url	pkg:deb/debian/firefox-esr@91.11.0esr-1~deb11u1?distro=trixie
purl	pkg:deb/debian/firefox-esr@91.11.0esr-1~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@91.11.0esr-1~deb11u1%3Fdistro=trixie

url	pkg:deb/debian/firefox-esr@91.11.0esr-1?distro=trixie
purl	pkg:deb/debian/firefox-esr@91.11.0esr-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@91.11.0esr-1%3Fdistro=trixie

url	pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie
purl	pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zj6v-hmj8-syfy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zj6v-hmj8-syfy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zj6v-hmj8-syfy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie

aliases CVE-2022-34470

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3p45-5aqy-hyd5

url VCID-5rkv-cxdf-dqht

vulnerability_id VCID-5rkv-cxdf-dqht

summary If an object prototype was corrupted by an attacker, they would have been able to set undesired attributes on a JavaScript object, leading to privileged code execution. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2200.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2200.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-2200

reference_id

reference_type

scores

value	0.06199
scoring_system	epss
scoring_elements	0.91093
published_at	2026-06-12T12:55:00Z

value	0.06199
scoring_system	epss
scoring_elements	0.91062
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-2200

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2102168
reference_id	2102168
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2102168

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_id

mfsa2022-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2022-24/

reference_id

mfsa2022-24

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:02:52Z/

url

https://www.mozilla.org/security/advisories/mfsa2022-24/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_id

mfsa2022-25

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_url

https://www.mozilla.org/security/advisories/mfsa2022-25/

reference_id

mfsa2022-25

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:02:52Z/

url

https://www.mozilla.org/security/advisories/mfsa2022-25/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_id

mfsa2022-26

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_url

https://www.mozilla.org/security/advisories/mfsa2022-26/

reference_id

mfsa2022-26

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:02:52Z/

url

https://www.mozilla.org/security/advisories/mfsa2022-26/

reference_url	https://access.redhat.com/errata/RHSA-2022:5469
reference_id	RHSA-2022:5469
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5469

reference_url	https://access.redhat.com/errata/RHSA-2022:5470
reference_id	RHSA-2022:5470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5470

reference_url	https://access.redhat.com/errata/RHSA-2022:5472
reference_id	RHSA-2022:5472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5472

reference_url	https://access.redhat.com/errata/RHSA-2022:5473
reference_id	RHSA-2022:5473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5473

reference_url	https://access.redhat.com/errata/RHSA-2022:5474
reference_id	RHSA-2022:5474
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5474

reference_url	https://access.redhat.com/errata/RHSA-2022:5475
reference_id	RHSA-2022:5475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5475

reference_url	https://access.redhat.com/errata/RHSA-2022:5477
reference_id	RHSA-2022:5477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5477

reference_url	https://access.redhat.com/errata/RHSA-2022:5478
reference_id	RHSA-2022:5478
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5478

reference_url	https://access.redhat.com/errata/RHSA-2022:5479
reference_id	RHSA-2022:5479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5479

reference_url	https://access.redhat.com/errata/RHSA-2022:5480
reference_id	RHSA-2022:5480
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5480

reference_url	https://access.redhat.com/errata/RHSA-2022:5481
reference_id	RHSA-2022:5481
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5481

reference_url	https://access.redhat.com/errata/RHSA-2022:5482
reference_id	RHSA-2022:5482
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5482

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1771381

reference_id

show_bug.cgi?id=1771381

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:02:52Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1771381

reference_url	https://usn.ubuntu.com/5504-1/
reference_id	USN-5504-1
reference_type
scores
url	https://usn.ubuntu.com/5504-1/

reference_url	https://usn.ubuntu.com/5512-1/
reference_id	USN-5512-1
reference_type
scores
url	https://usn.ubuntu.com/5512-1/

fixed_packages

url	pkg:deb/debian/firefox-esr@91.11.0esr-1~deb11u1?distro=trixie
purl	pkg:deb/debian/firefox-esr@91.11.0esr-1~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@91.11.0esr-1~deb11u1%3Fdistro=trixie

url	pkg:deb/debian/firefox-esr@91.11.0esr-1?distro=trixie
purl	pkg:deb/debian/firefox-esr@91.11.0esr-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@91.11.0esr-1%3Fdistro=trixie

url	pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie
purl	pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zj6v-hmj8-syfy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zj6v-hmj8-syfy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zj6v-hmj8-syfy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie

aliases CVE-2022-2200

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5rkv-cxdf-dqht

url VCID-8u43-yjce-yfhc

vulnerability_id VCID-8u43-yjce-yfhc

summary An attacker could have injected CSS into stylesheets accessible via internal URIs, such as resource:, and in doing so bypass a page's Content Security Policy. This vulnerability affects Firefox ESR < 91.11, Thunderbird < 102, Thunderbird < 91.11, and Firefox < 101.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31744.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31744.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-31744

reference_id

reference_type

scores

value	0.00065
scoring_system	epss
scoring_elements	0.20679
published_at	2026-06-12T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20501
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-31744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2102165
reference_id	2102165
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2102165

reference_url

https://security.archlinux.org/AVG-2760

reference_id

AVG-2760

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2760

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-20

reference_id

mfsa2022-20

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-20

reference_url

https://www.mozilla.org/security/advisories/mfsa2022-20/

reference_id

mfsa2022-20

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:28:40Z/

url

https://www.mozilla.org/security/advisories/mfsa2022-20/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_id

mfsa2022-25

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_url

https://www.mozilla.org/security/advisories/mfsa2022-25/

reference_id

mfsa2022-25

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:28:40Z/

url

https://www.mozilla.org/security/advisories/mfsa2022-25/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_id

mfsa2022-26

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_url

https://www.mozilla.org/security/advisories/mfsa2022-26/

reference_id

mfsa2022-26

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:28:40Z/

url

https://www.mozilla.org/security/advisories/mfsa2022-26/

reference_url	https://access.redhat.com/errata/RHSA-2022:5469
reference_id	RHSA-2022:5469
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5469

reference_url	https://access.redhat.com/errata/RHSA-2022:5470
reference_id	RHSA-2022:5470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5470

reference_url	https://access.redhat.com/errata/RHSA-2022:5472
reference_id	RHSA-2022:5472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5472

reference_url	https://access.redhat.com/errata/RHSA-2022:5473
reference_id	RHSA-2022:5473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5473

reference_url	https://access.redhat.com/errata/RHSA-2022:5474
reference_id	RHSA-2022:5474
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5474

reference_url	https://access.redhat.com/errata/RHSA-2022:5475
reference_id	RHSA-2022:5475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5475

reference_url	https://access.redhat.com/errata/RHSA-2022:5477
reference_id	RHSA-2022:5477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5477

reference_url	https://access.redhat.com/errata/RHSA-2022:5478
reference_id	RHSA-2022:5478
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5478

reference_url	https://access.redhat.com/errata/RHSA-2022:5479
reference_id	RHSA-2022:5479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5479

reference_url	https://access.redhat.com/errata/RHSA-2022:5480
reference_id	RHSA-2022:5480
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5480

reference_url	https://access.redhat.com/errata/RHSA-2022:5481
reference_id	RHSA-2022:5481
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5481

reference_url	https://access.redhat.com/errata/RHSA-2022:5482
reference_id	RHSA-2022:5482
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5482

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1757604

reference_id

show_bug.cgi?id=1757604

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:28:40Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1757604

reference_url	https://usn.ubuntu.com/5475-1/
reference_id	USN-5475-1
reference_type
scores
url	https://usn.ubuntu.com/5475-1/

reference_url	https://usn.ubuntu.com/5512-1/
reference_id	USN-5512-1
reference_type
scores
url	https://usn.ubuntu.com/5512-1/

fixed_packages

url	pkg:deb/debian/firefox-esr@91.11.0esr-1~deb11u1?distro=trixie
purl	pkg:deb/debian/firefox-esr@91.11.0esr-1~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@91.11.0esr-1~deb11u1%3Fdistro=trixie

url	pkg:deb/debian/firefox-esr@91.11.0esr-1?distro=trixie
purl	pkg:deb/debian/firefox-esr@91.11.0esr-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@91.11.0esr-1%3Fdistro=trixie

url	pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie
purl	pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zj6v-hmj8-syfy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zj6v-hmj8-syfy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zj6v-hmj8-syfy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie

aliases CVE-2022-31744

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8u43-yjce-yfhc

url VCID-hh99-1cx8-nug4

vulnerability_id VCID-hh99-1cx8-nug4

summary An iframe that was not permitted to run scripts could do so if the user clicked on a <code>javascript:</code> link. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34468.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34468.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-34468

reference_id

reference_type

scores

value	0.00523
scoring_system	epss
scoring_elements	0.67449
published_at	2026-06-12T12:55:00Z

value	0.00523
scoring_system	epss
scoring_elements	0.67359
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-34468

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2102163
reference_id	2102163
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2102163

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_id

mfsa2022-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2022-24/

reference_id

mfsa2022-24

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:20:14Z/

url

https://www.mozilla.org/security/advisories/mfsa2022-24/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_id

mfsa2022-25

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_url

https://www.mozilla.org/security/advisories/mfsa2022-25/

reference_id

mfsa2022-25

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:20:14Z/

url

https://www.mozilla.org/security/advisories/mfsa2022-25/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_id

mfsa2022-26

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_url

https://www.mozilla.org/security/advisories/mfsa2022-26/

reference_id

mfsa2022-26

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:20:14Z/

url

https://www.mozilla.org/security/advisories/mfsa2022-26/

reference_url	https://access.redhat.com/errata/RHSA-2022:5469
reference_id	RHSA-2022:5469
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5469

reference_url	https://access.redhat.com/errata/RHSA-2022:5470
reference_id	RHSA-2022:5470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5470

reference_url	https://access.redhat.com/errata/RHSA-2022:5472
reference_id	RHSA-2022:5472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5472

reference_url	https://access.redhat.com/errata/RHSA-2022:5473
reference_id	RHSA-2022:5473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5473

reference_url	https://access.redhat.com/errata/RHSA-2022:5474
reference_id	RHSA-2022:5474
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5474

reference_url	https://access.redhat.com/errata/RHSA-2022:5475
reference_id	RHSA-2022:5475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5475

reference_url	https://access.redhat.com/errata/RHSA-2022:5477
reference_id	RHSA-2022:5477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5477

reference_url	https://access.redhat.com/errata/RHSA-2022:5478
reference_id	RHSA-2022:5478
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5478

reference_url	https://access.redhat.com/errata/RHSA-2022:5479
reference_id	RHSA-2022:5479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5479

reference_url	https://access.redhat.com/errata/RHSA-2022:5480
reference_id	RHSA-2022:5480
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5480

reference_url	https://access.redhat.com/errata/RHSA-2022:5481
reference_id	RHSA-2022:5481
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5481

reference_url	https://access.redhat.com/errata/RHSA-2022:5482
reference_id	RHSA-2022:5482
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5482

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1768537

reference_id

show_bug.cgi?id=1768537

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:20:14Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1768537

reference_url	https://usn.ubuntu.com/5504-1/
reference_id	USN-5504-1
reference_type
scores
url	https://usn.ubuntu.com/5504-1/

reference_url	https://usn.ubuntu.com/5512-1/
reference_id	USN-5512-1
reference_type
scores
url	https://usn.ubuntu.com/5512-1/

fixed_packages

url	pkg:deb/debian/firefox-esr@91.11.0esr-1~deb11u1?distro=trixie
purl	pkg:deb/debian/firefox-esr@91.11.0esr-1~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@91.11.0esr-1~deb11u1%3Fdistro=trixie

url	pkg:deb/debian/firefox-esr@91.11.0esr-1?distro=trixie
purl	pkg:deb/debian/firefox-esr@91.11.0esr-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@91.11.0esr-1%3Fdistro=trixie

url	pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie
purl	pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zj6v-hmj8-syfy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zj6v-hmj8-syfy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zj6v-hmj8-syfy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie

aliases CVE-2022-34468

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hh99-1cx8-nug4

url VCID-js4h-jgrr-zyeu

vulnerability_id VCID-js4h-jgrr-zyeu

summary The Mozilla Fuzzing Team reported potential vulnerabilities present in Thunderbird 91.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34484.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34484.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-34484

reference_id

reference_type

scores

value	0.0028
scoring_system	epss
scoring_elements	0.51805
published_at	2026-06-12T12:55:00Z

value	0.0028
scoring_system	epss
scoring_elements	0.51675
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-34484

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2102169
reference_id	2102169
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2102169

reference_url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1763634%2C1772651

reference_id

buglist.cgi?bug_id=1763634%2C1772651

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T17:42:21Z/

url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1763634%2C1772651

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_id

mfsa2022-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2022-24/

reference_id

mfsa2022-24

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T17:42:21Z/

url

https://www.mozilla.org/security/advisories/mfsa2022-24/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_id

mfsa2022-25

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_url

https://www.mozilla.org/security/advisories/mfsa2022-25/

reference_id

mfsa2022-25

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T17:42:21Z/

url

https://www.mozilla.org/security/advisories/mfsa2022-25/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_id

mfsa2022-26

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_url

https://www.mozilla.org/security/advisories/mfsa2022-26/

reference_id

mfsa2022-26

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T17:42:21Z/

url

https://www.mozilla.org/security/advisories/mfsa2022-26/

reference_url	https://access.redhat.com/errata/RHSA-2022:5469
reference_id	RHSA-2022:5469
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5469

reference_url	https://access.redhat.com/errata/RHSA-2022:5470
reference_id	RHSA-2022:5470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5470

reference_url	https://access.redhat.com/errata/RHSA-2022:5472
reference_id	RHSA-2022:5472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5472

reference_url	https://access.redhat.com/errata/RHSA-2022:5473
reference_id	RHSA-2022:5473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5473

reference_url	https://access.redhat.com/errata/RHSA-2022:5474
reference_id	RHSA-2022:5474
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5474

reference_url	https://access.redhat.com/errata/RHSA-2022:5475
reference_id	RHSA-2022:5475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5475

reference_url	https://access.redhat.com/errata/RHSA-2022:5477
reference_id	RHSA-2022:5477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5477

reference_url	https://access.redhat.com/errata/RHSA-2022:5478
reference_id	RHSA-2022:5478
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5478

reference_url	https://access.redhat.com/errata/RHSA-2022:5479
reference_id	RHSA-2022:5479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5479

reference_url	https://access.redhat.com/errata/RHSA-2022:5480
reference_id	RHSA-2022:5480
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5480

reference_url	https://access.redhat.com/errata/RHSA-2022:5481
reference_id	RHSA-2022:5481
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5481

reference_url	https://access.redhat.com/errata/RHSA-2022:5482
reference_id	RHSA-2022:5482
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5482

reference_url	https://usn.ubuntu.com/5504-1/
reference_id	USN-5504-1
reference_type
scores
url	https://usn.ubuntu.com/5504-1/

reference_url	https://usn.ubuntu.com/5512-1/
reference_id	USN-5512-1
reference_type
scores
url	https://usn.ubuntu.com/5512-1/

fixed_packages

url	pkg:deb/debian/firefox-esr@91.11.0esr-1~deb11u1?distro=trixie
purl	pkg:deb/debian/firefox-esr@91.11.0esr-1~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@91.11.0esr-1~deb11u1%3Fdistro=trixie

url	pkg:deb/debian/firefox-esr@91.11.0esr-1?distro=trixie
purl	pkg:deb/debian/firefox-esr@91.11.0esr-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@91.11.0esr-1%3Fdistro=trixie

url	pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie
purl	pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zj6v-hmj8-syfy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zj6v-hmj8-syfy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zj6v-hmj8-syfy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie

aliases CVE-2022-34484

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-js4h-jgrr-zyeu

url VCID-qtrr-k19m-zug1

vulnerability_id VCID-qtrr-k19m-zug1

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34472.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34472.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-34472

reference_id

reference_type

scores

value	0.00457
scoring_system	epss
scoring_elements	0.64358
published_at	2026-06-11T12:55:00Z

value	0.00457
scoring_system	epss
scoring_elements	0.6446
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-34472

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2102166
reference_id	2102166
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2102166

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_id

mfsa2022-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2022-24/

reference_id

mfsa2022-24

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T19:41:27Z/

url

https://www.mozilla.org/security/advisories/mfsa2022-24/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_id

mfsa2022-25

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_url

https://www.mozilla.org/security/advisories/mfsa2022-25/

reference_id

mfsa2022-25

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T19:41:27Z/

url

https://www.mozilla.org/security/advisories/mfsa2022-25/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_id

mfsa2022-26

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_url

https://www.mozilla.org/security/advisories/mfsa2022-26/

reference_id

mfsa2022-26

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T19:41:27Z/

url

https://www.mozilla.org/security/advisories/mfsa2022-26/

reference_url	https://access.redhat.com/errata/RHSA-2022:5469
reference_id	RHSA-2022:5469
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5469

reference_url	https://access.redhat.com/errata/RHSA-2022:5470
reference_id	RHSA-2022:5470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5470

reference_url	https://access.redhat.com/errata/RHSA-2022:5472
reference_id	RHSA-2022:5472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5472

reference_url	https://access.redhat.com/errata/RHSA-2022:5473
reference_id	RHSA-2022:5473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5473

reference_url	https://access.redhat.com/errata/RHSA-2022:5474
reference_id	RHSA-2022:5474
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5474

reference_url	https://access.redhat.com/errata/RHSA-2022:5475
reference_id	RHSA-2022:5475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5475

reference_url	https://access.redhat.com/errata/RHSA-2022:5477
reference_id	RHSA-2022:5477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5477

reference_url	https://access.redhat.com/errata/RHSA-2022:5478
reference_id	RHSA-2022:5478
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5478

reference_url	https://access.redhat.com/errata/RHSA-2022:5479
reference_id	RHSA-2022:5479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5479

reference_url	https://access.redhat.com/errata/RHSA-2022:5480
reference_id	RHSA-2022:5480
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5480

reference_url	https://access.redhat.com/errata/RHSA-2022:5481
reference_id	RHSA-2022:5481
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5481

reference_url	https://access.redhat.com/errata/RHSA-2022:5482
reference_id	RHSA-2022:5482
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5482

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1770123

reference_id

show_bug.cgi?id=1770123

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T19:41:27Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1770123

reference_url	https://usn.ubuntu.com/5504-1/
reference_id	USN-5504-1
reference_type
scores
url	https://usn.ubuntu.com/5504-1/

reference_url	https://usn.ubuntu.com/5512-1/
reference_id	USN-5512-1
reference_type
scores
url	https://usn.ubuntu.com/5512-1/

fixed_packages

url	pkg:deb/debian/firefox-esr@91.11.0esr-1~deb11u1?distro=trixie
purl	pkg:deb/debian/firefox-esr@91.11.0esr-1~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@91.11.0esr-1~deb11u1%3Fdistro=trixie

url	pkg:deb/debian/firefox-esr@91.11.0esr-1?distro=trixie
purl	pkg:deb/debian/firefox-esr@91.11.0esr-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@91.11.0esr-1%3Fdistro=trixie

url	pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie
purl	pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zj6v-hmj8-syfy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zj6v-hmj8-syfy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zj6v-hmj8-syfy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie

aliases CVE-2022-34472

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qtrr-k19m-zug1

url VCID-zymu-f38n-1kfw

vulnerability_id VCID-zymu-f38n-1kfw

summary In the <code>nsTArray_Impl::ReplaceElementsAt()</code> function, an integer overflow could have occurred when the number of elements to replace was too large for the container. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34481.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34481.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-34481

reference_id

reference_type

scores

value	0.00212
scoring_system	epss
scoring_elements	0.43922
published_at	2026-06-12T12:55:00Z

value	0.00212
scoring_system	epss
scoring_elements	0.43767
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-34481

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2200

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2226

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34468

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34470

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34472

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34481

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34484

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2102164
reference_id	2102164
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2102164

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_id

mfsa2022-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2022-24/

reference_id

mfsa2022-24

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:53:12Z/

url

https://www.mozilla.org/security/advisories/mfsa2022-24/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_id

mfsa2022-25

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-25

reference_url

https://www.mozilla.org/security/advisories/mfsa2022-25/

reference_id

mfsa2022-25

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:53:12Z/

url

https://www.mozilla.org/security/advisories/mfsa2022-25/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_id

mfsa2022-26

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-26

reference_url

https://www.mozilla.org/security/advisories/mfsa2022-26/

reference_id

mfsa2022-26

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:53:12Z/

url

https://www.mozilla.org/security/advisories/mfsa2022-26/

reference_url	https://access.redhat.com/errata/RHSA-2022:5469
reference_id	RHSA-2022:5469
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5469

reference_url	https://access.redhat.com/errata/RHSA-2022:5470
reference_id	RHSA-2022:5470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5470

reference_url	https://access.redhat.com/errata/RHSA-2022:5472
reference_id	RHSA-2022:5472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5472

reference_url	https://access.redhat.com/errata/RHSA-2022:5473
reference_id	RHSA-2022:5473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5473

reference_url	https://access.redhat.com/errata/RHSA-2022:5474
reference_id	RHSA-2022:5474
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5474

reference_url	https://access.redhat.com/errata/RHSA-2022:5475
reference_id	RHSA-2022:5475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5475

reference_url	https://access.redhat.com/errata/RHSA-2022:5477
reference_id	RHSA-2022:5477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5477

reference_url	https://access.redhat.com/errata/RHSA-2022:5478
reference_id	RHSA-2022:5478
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5478

reference_url	https://access.redhat.com/errata/RHSA-2022:5479
reference_id	RHSA-2022:5479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5479

reference_url	https://access.redhat.com/errata/RHSA-2022:5480
reference_id	RHSA-2022:5480
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5480

reference_url	https://access.redhat.com/errata/RHSA-2022:5481
reference_id	RHSA-2022:5481
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5481

reference_url	https://access.redhat.com/errata/RHSA-2022:5482
reference_id	RHSA-2022:5482
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5482

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1497246

reference_id

show_bug.cgi?id=1497246

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:53:12Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1497246

reference_url	https://usn.ubuntu.com/5504-1/
reference_id	USN-5504-1
reference_type
scores
url	https://usn.ubuntu.com/5504-1/

reference_url	https://usn.ubuntu.com/5512-1/
reference_id	USN-5512-1
reference_type
scores
url	https://usn.ubuntu.com/5512-1/

fixed_packages

url	pkg:deb/debian/firefox-esr@91.11.0esr-1~deb11u1?distro=trixie
purl	pkg:deb/debian/firefox-esr@91.11.0esr-1~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@91.11.0esr-1~deb11u1%3Fdistro=trixie

url	pkg:deb/debian/firefox-esr@91.11.0esr-1?distro=trixie
purl	pkg:deb/debian/firefox-esr@91.11.0esr-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@91.11.0esr-1%3Fdistro=trixie

url	pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie
purl	pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zj6v-hmj8-syfy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zj6v-hmj8-syfy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zj6v-hmj8-syfy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie

aliases CVE-2022-34481

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zymu-f38n-1kfw

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@91.11.0esr-1~deb11u1%3Fdistro=trixie

Package Instance