Lucene search

Ubuntu.comUB:CVE-2022-22749

HistoryDec 22, 2022 - 12:00 a.m.

CVE-2022-22749

2022-12-2200:00:00

ubuntu.com

firefox

android

qr codes

vulnerability

urls

javascript engine

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

0.001 Low

EPSS

Percentile

35.8%

JSON

When scanning QR codes, Firefox for Android would have allowed navigation
to some URLs that do not point to web content.<br>This bug only affects
Firefox for Android. Other operating systems are unaffected.. This
vulnerability affects Firefox < 96.

Notes

Author	Note
tyhicks	mozjs contains a copy of the SpiderMonkey JavaScript engine

References

launchpad.net/bugs/cve/CVE-2022-22749

nvd.nist.gov/vuln/detail/CVE-2022-22749

security-tracker.debian.org/tracker/CVE-2022-22749

www.cve.org/CVERecord?id=CVE-2022-22749

www.mozilla.org/en-US/security/advisories/mfsa2022-01/#CVE-2022-22749

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

0.001 Low

EPSS

Percentile

35.8%

JSON

Related for UB:CVE-2022-22749