Lucene search
RedHatRHSA-2022:4767HistoryMay 27, 2022 - 2:35 a.m.
(RHSA-2022:4767) Critical: firefox security update
2022-05-2702:35:04
access.redhat.com
17
mozilla firefox
security update
version 91.9.1 esr
untrusted input
prototype pollution
cve-2022-1529
cve-2022-1802
web browser
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
65.0%
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 91.9.1 ESR.
Security Fix(es):
-
Mozilla: Untrusted input used in JavaScript object indexing, leading to prototype pollution (CVE-2022-1529)
-
Mozilla: Prototype pollution in Top-Level Await implementation (CVE-2022-1802)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 8 | ppc64le | firefox-debugsource | < 91.9.1-1.el8_1 | firefox-debugsource-91.9.1-1.el8_1.ppc64le.rpm |
| RedHat | 8 | x86_64 | firefox | < 91.9.1-1.el8_1 | firefox-91.9.1-1.el8_1.x86_64.rpm |
| RedHat | 8 | x86_64 | firefox-debuginfo | < 91.9.1-1.el8_1 | firefox-debuginfo-91.9.1-1.el8_1.x86_64.rpm |
| RedHat | 8 | ppc64le | firefox | < 91.9.1-1.el8_1 | firefox-91.9.1-1.el8_1.ppc64le.rpm |
| RedHat | 8 | x86_64 | firefox-debugsource | < 91.9.1-1.el8_1 | firefox-debugsource-91.9.1-1.el8_1.x86_64.rpm |
| RedHat | 8 | ppc64le | firefox-debuginfo | < 91.9.1-1.el8_1 | firefox-debuginfo-91.9.1-1.el8_1.ppc64le.rpm |
Related
oraclelinux
oraclelinux
thunderbird security update
2022-05-24 00:00:00
thunderbird security update
2022-06-30 00:00:00
firefox security update
2022-05-25 00:00:00
debian
debian
[SECURITY] [DLA 3021-1] firefox-esr security update
2022-05-24 08:06:39
[SECURITY] [DSA 5143-1] firefox-esr security update
2022-05-22 15:15:21
[SECURITY] [DSA 5158-1] thunderbird security update
2022-06-04 17:52:32
redhat
redhat
(RHSA-2022:4765) Critical: firefox security update
2022-05-27 18:27:17
(RHSA-2022:4729) Critical: firefox security update
2022-05-24 14:47:00
(RHSA-2022:4768) Critical: firefox security update
2022-05-27 18:29:42
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2022-19) - Mac OS X
2022-07-07 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:1808-1)
2022-05-24 00:00:00
Mozilla Thunderbird Security Advisory (MFSA2022-19) - Windows
2022-07-07 00:00:00
nessus
nessus
Ubuntu 18.04 LTS / 20.04 LTS : Firefox vulnerabilities (USN-5434-1)
2022-05-24 00:00:00
RHEL 8 : thunderbird (RHSA-2022:4769)
2022-05-27 00:00:00
Mozilla Firefox < 100.0.2
2022-05-20 00:00:00
malwarebytes
malwarebytes
Firefox, Thunderbird, receive patches for critical security issues
2022-05-27 11:06:49
redos
redos
ROS-20220530-04
2022-05-30 00:00:00
ROS-20220530-03
2022-05-30 00:00:00
slackware
slackware
[slackware-security] mozilla-firefox
2022-05-21 01:42:04
[slackware-security] mozilla-thunderbird
2022-05-21 01:42:41
osv
osv
Critical: firefox security update
2022-05-27 18:28:08
Critical: thunderbird security update
2022-05-27 18:24:54
MozillaFirefox-100.0.2-1.1 on GA media
2024-06-15 00:00:00
thn
thn
kaspersky
kaspersky
KLA12543 Multiple vulnerabilities in Mozilla Firefox
2022-05-20 00:00:00
KLA12542 Multiple vulnerabilities in Mozilla Firefox ESR
2022-05-20 00:00:00
KLA12541 Multiple vulnerabilities in Mozilla Thunderbird
2022-05-20 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package thunderbird version 91.9.1-alt1
2022-05-27 00:00:00
Security fix for the ALT Linux 10 package firefox-esr version 91.9.1-alt1
2022-05-22 00:00:00
almalinux
almalinux
Critical: thunderbird security update
2022-05-27 18:24:54
Critical: firefox security update
2022-05-27 18:28:08
amazon
amazon
Critical: thunderbird
2022-05-31 23:50:00
ubuntu
ubuntu
Firefox vulnerabilities
2022-05-23 00:00:00
Thunderbird vulnerabilities
2022-05-25 00:00:00
rocky
rocky
thunderbird security update
2022-05-27 18:24:54
firefox security update
2022-05-27 18:28:08
mageia
mageia
Updated firefox/thunderbird packages fix security vulnerability
2022-05-25 21:46:18
mozilla
mozilla
suse
suse
Security update for MozillaFirefox (important)
2022-05-24 00:00:00
Security update for MozillaThunderbird (important)
2022-06-13 00:00:00
githubexploit
githubexploit
Exploit for Prototype Pollution in Mozilla Firefox
2022-08-20 03:01:30
veracode
veracode
Prototype Pollution
2022-05-23 17:53:13
Prototype Pollution
2022-05-23 02:06:40
cvelist
cvelist
CVE-2022-1802
2022-12-22 00:00:00
CVE-2022-1529
2022-12-22 00:00:00
alpinelinux
alpinelinux
CVE-2022-1802
2022-12-22 20:15:13
CVE-2022-1529
2022-12-22 20:15:13
redhatcve
redhatcve
CVE-2022-1802
2022-05-23 09:19:46
CVE-2022-1529
2022-05-23 09:19:45
debiancve
debiancve
CVE-2022-1802
2022-12-22 20:15:13
CVE-2022-1529
2022-12-22 20:15:13
prion
prion
Code injection
2022-12-22 20:15:00
Code injection
2022-12-22 20:15:00
nvd
nvd
CVE-2022-1802
2022-12-22 20:15:13
CVE-2022-1529
2022-12-22 20:15:13
ubuntucve
ubuntucve
CVE-2022-1802
2022-05-23 00:00:00
CVE-2022-1529
2022-05-23 00:00:00
cve
cve
CVE-2022-1802
2022-12-22 20:15:13
CVE-2022-1529
2022-12-22 20:15:13
zdi
zdi
securelist
securelist
IT threat evolution in Q2 2022. Non-mobile statistics
2022-08-15 12:00:43
ibm
ibm
gentoo
gentoo
Mozilla Firefox: Multiple Vulnerabilities
2022-08-10 00:00:00
Mozilla Thunderbird: Multiple Vulnerabilities
2022-08-10 00:00:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
65.0%
Related for RHSA-2022:4767