CVE-2022-22739

CVSS v3.1 6.5 (Medium)

EPSS 0.13 % (48^th)

Affected Products 3

Advisories 28

Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.

Weaknesses

CWE-NVD-noinfo

CVE Status: PUBLISHED
CNA: Mozilla Corporation
Published Date: 2022-12-22 20:15:14
(21 months ago)
Updated Date: 2022-12-29 15:47:53
(20 months ago)

Affected Products

Mozilla

Firefox
Firefox Esr
Thunderbird

Configuration #1

	CPE23	Up To
Mozilla Firefox prior 96.0 version	cpe:2.3:a:mozilla:firefox	< 96.0
Mozilla Firefox Esr prior 91.5 version	cpe:2.3:a:mozilla:firefox_esr	< 91.5
Mozilla Thunderbird prior 91.5 version	cpe:2.3:a:mozilla:thunderbird	< 91.5