Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2022-31737HistoryDec 22, 2022 - 8:15 p.m.
CVE-2022-31737
2022-12-2220:15:28
Debian Security Bug Tracker
security-tracker.debian.org
30
malicious webpage
out-of-bounds write
webgl
memory corruption
thunderbird
firefox
vulnerability
exploit
crash
cve-2022-31737
unix
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
51.0%
A malicious webpage could have caused an out-of-bounds write in WebGL, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 999 | all | firefox | < 101.0-1 | firefox_101.0-1_all.deb |
| Debian | 12 | all | firefox-esr | < 91.10.0esr-1 | firefox-esr_91.10.0esr-1_all.deb |
| Debian | 11 | all | firefox-esr | < 91.10.0esr-1~deb11u1 | firefox-esr_91.10.0esr-1~deb11u1_all.deb |
| Debian | 999 | all | firefox-esr | < 91.10.0esr-1 | firefox-esr_91.10.0esr-1_all.deb |
| Debian | 13 | all | firefox-esr | < 91.10.0esr-1 | firefox-esr_91.10.0esr-1_all.deb |
| Debian | 12 | all | thunderbird | < 1:91.10.0-1 | thunderbird_1:91.10.0-1_all.deb |
| Debian | 11 | all | thunderbird | < 1:91.10.0-1~deb11u1 | thunderbird_1:91.10.0-1~deb11u1_all.deb |
| Debian | 999 | all | thunderbird | < 1:91.10.0-1 | thunderbird_1:91.10.0-1_all.deb |
| Debian | 13 | all | thunderbird | < 1:91.10.0-1 | thunderbird_1:91.10.0-1_all.deb |
Related
ubuntucve
ubuntucve
CVE-2022-31737
2022-06-01 00:00:00
prion
prion
Design/Logic Flaw
2022-12-22 20:15:00
nvd
nvd
CVE-2022-31737
2022-12-22 20:15:28
alpinelinux
alpinelinux
CVE-2022-31737
2022-12-22 20:15:28
cvelist
cvelist
CVE-2022-31737
2022-12-22 00:00:00
redhatcve
redhatcve
CVE-2022-31737
2022-05-31 14:52:56
cve
cve
CVE-2022-31737
2022-12-22 20:15:28
veracode
veracode
Denial Of Service (DoS)
2022-06-01 15:40:07
nessus
nessus
RHEL 8 : firefox (RHSA-2022:4875)
2022-06-02 00:00:00
AlmaLinux 9 : firefox (ALSA-2022:4873)
2022-11-16 00:00:00
Scientific Linux Security Update : firefox on SL7.x i686/x86_64 (2022:4870)
2022-06-03 00:00:00
redhat
redhat
(RHSA-2022:4875) Important: firefox security update
2022-06-01 15:01:07
(RHSA-2022:4876) Important: firefox security update
2022-06-01 15:01:54
(RHSA-2022:4871) Important: firefox security update
2022-06-01 21:58:31
osv
osv
firefox-esr - security update
2022-06-03 00:00:00
Important: firefox security update
2022-06-01 20:09:36
firefox-esr - security update
2022-06-01 00:00:00
oraclelinux
oraclelinux
firefox security update
2022-06-30 00:00:00
firefox security update
2022-06-02 00:00:00
firefox security update
2022-06-02 00:00:00
debian
debian
[SECURITY] [DSA 5156-1] firefox-esr security update
2022-06-01 18:50:55
[SECURITY] [DLA 3040-1] firefox-esr security update
2022-06-03 16:36:45
[SECURITY] [DSA 5158-1] thunderbird security update
2022-06-04 17:52:32
openvas
openvas
CentOS: Security Advisory for firefox (CESA-2022:4870)
2022-08-03 00:00:00
Mageia: Security Advisory (MGASA-2022-0220)
2022-06-06 00:00:00
Mozilla Firefox ESR Security Advisory (MFSA2022-21) - Mac OS X
2022-07-07 00:00:00
rocky
rocky
firefox security update
2022-06-01 20:09:36
thunderbird security update
2022-06-02 07:48:48
mageia
mageia
Updated firefox/nss/nspr packages fix security vulnerability
2022-06-04 23:25:39
Updated thunderbird packages fix security vulnerability
2022-06-04 23:25:39
centos
centos
firefox security update
2022-08-02 19:45:49
thunderbird security update
2022-08-02 19:48:11
slackware
slackware
[slackware-security] mozilla-firefox
2022-06-01 00:53:57
[slackware-security] mozilla-thunderbird
2022-06-02 19:43:23
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 91.10.0-alt1
2022-06-03 00:00:00
Security fix for the ALT Linux 10 package thunderbird version 91.10.0-alt1
2022-06-03 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Firefox ESR 91.10 — Mozilla
2022-05-31 00:00:00
Security Vulnerabilities fixed in Thunderbird 91.10 — Mozilla
2022-05-31 00:00:00
Security Vulnerabilities fixed in Firefox 101 — Mozilla
2022-05-31 00:00:00
amazon
amazon
Important: thunderbird
2022-07-19 01:23:00
Important: thunderbird
2022-07-19 01:23:00
kaspersky
kaspersky
KLA12546 Multiple vulnerabilities in Mozilla Firefox ESR
2022-05-31 00:00:00
KLA12547 Multiple vulnerabilities in Mozilla Thunderbird
2022-05-31 00:00:00
KLA12545 Multiple vulnerabilities in Mozilla Firefox
2022-05-31 00:00:00
suse
suse
Security update for MozillaFirefox (important)
2022-06-02 00:00:00
Security update for MozillaThunderbird (important)
2022-06-13 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2022-06-13 00:00:00
Thunderbird vulnerabilities
2022-07-14 00:00:00
ibm
ibm
gentoo
gentoo
Mozilla Firefox: Multiple Vulnerabilities
2022-08-10 00:00:00
Mozilla Thunderbird: Multiple Vulnerabilities
2022-08-10 00:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
51.0%
Related for DEBIANCVE:CVE-2022-31737