CVE-2022-1802
CVSS v3.1
8.8 (High)
EPSS
0.25 % (65th)
Affected Products
4
Advisories
31
If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1.
Weaknesses
- CWE-1321
- Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2022-12-22 20:15:13
(21 months ago) - Updated Date
-
2022-12-29 16:39:05
(20 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
AND |
|
---|
Configuration #2
AND |
|
---|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...