VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-6vq5-xes9-aaah

Essentials
Severities (93)
References (8)
Severity details (8)
Exploits (0)
EPSS
History (0)

Vulnerability ID	VCID-6vq5-xes9-aaah
Aliases	CVE-2022-31745
Summary	If array shift operations are not used, the Garbage Collector may have become confused about valid objects. This vulnerability affects Firefox < 101.
Status	Published
Exploitability	0.5
Weighted Severity	8.0
Risk	4.0
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-129

Improper Validation of Array Index

System	Score	Found at
epss	0.00078	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00078	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00078	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00078	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00078	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00078	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00078	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00078	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00078	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00078	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00078	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00078	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00078	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00078	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00078	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00078	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00125	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
epss	0.00161	https://api.first.org/data/v1/epss?cve=CVE-2022-31745
cvssv3.1	4.3	https://bugzilla.mozilla.org/show_bug.cgi?id=1760944
ssvc	Track	https://bugzilla.mozilla.org/show_bug.cgi?id=1760944
cvssv3	4.3	https://nvd.nist.gov/vuln/detail/CVE-2022-31745
cvssv3.1	4.3	https://nvd.nist.gov/vuln/detail/CVE-2022-31745
archlinux	High	https://security.archlinux.org/AVG-2760
generic_textual	high	https://www.mozilla.org/en-US/security/advisories/mfsa2022-20
cvssv3.1	4.3	https://www.mozilla.org/security/advisories/mfsa2022-20/
ssvc	Track	https://www.mozilla.org/security/advisories/mfsa2022-20/

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2022-31745
		https://bugzilla.mozilla.org/show_bug.cgi?id=1760944
		https://www.mozilla.org/security/advisories/mfsa2022-20/
AVG-2760		https://security.archlinux.org/AVG-2760
cpe:2.3:a:mozilla:firefox::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
CVE-2022-31745		https://nvd.nist.gov/vuln/detail/CVE-2022-31745
mfsa2022-20		https://www.mozilla.org/en-US/security/advisories/mfsa2022-20
USN-5475-1		https://usn.ubuntu.com/5475-1/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://bugzilla.mozilla.org/show_bug.cgi?id=1760944

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:26:18Z/ Found at https://bugzilla.mozilla.org/show_bug.cgi?id=1760944

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2022-31745

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2022-31745

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://www.mozilla.org/security/advisories/mfsa2022-20/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:26:18Z/ Found at https://www.mozilla.org/security/advisories/mfsa2022-20/

Exploit Prediction Scoring System (EPSS)

Percentile	0.34542
EPSS Score	0.00078
Published At	Nov. 1, 2024, midnight

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.