{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-1802", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "dateUpdated": "2024-08-03T00:17:00.467Z", "dateReserved": "2022-05-19T00:00:00", "datePublished": "2022-12-22T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2022-12-22T00:00:00"}, "descriptions": [{"lang": "en", "value": "If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1."}], "affected": [{"vendor": "Mozilla", "product": "Firefox ESR", "versions": [{"version": "unspecified", "lessThan": "91.9.1", "status": "affected", "versionType": "custom"}]}, {"vendor": "Mozilla", "product": "Firefox", "versions": [{"version": "unspecified", "lessThan": "100.0.2", "status": "affected", "versionType": "custom"}]}, {"vendor": "Mozilla", "product": "Firefox for Android", "versions": [{"version": "unspecified", "lessThan": "100.3.0", "status": "affected", "versionType": "custom"}]}, {"vendor": "Mozilla", "product": "Thunderbird", "versions": [{"version": "unspecified", "lessThan": "91.9.1", "status": "affected", "versionType": "custom"}]}], "references": [{"url": "https://www.mozilla.org/security/advisories/mfsa2022-19/"}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1770137"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "Prototype pollution in Top-Level Await implementation"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T00:17:00.467Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.mozilla.org/security/advisories/mfsa2022-19/", "tags": ["x_transferred"]}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1770137", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "62D778FE-BC8B-4D82-887C-F647BF6D3600", "versionEndExcluding": "100.0.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "matchCriteriaId": "E42B5379-88D5-4CFB-BF6D-3AECA5AF4E4B", "versionEndExcluding": "91.9.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "177907AF-0268-4DDE-9F7E-57D87C9B8417", "versionEndExcluding": "91.9.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBAC048A-B655-4B3F-B57E-E29CFB5EC3D3", "versionEndExcluding": "100.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1."}, {"lang": "es", "value": "Si un atacante pudo corromper los m\u00e9todos de un objeto Array en JavaScript mediante la contaminaci\u00f3n de prototipos, podr\u00eda haber logrado la ejecuci\u00f3n del c\u00f3digo JavaScript controlado por el atacante en un contexto privilegiado. Esta vulnerabilidad afecta a Firefox ESR &lt; 91.9.1, Firefox &lt; 100.0.2, Firefox para Android &lt; 100.3.0 y Thunderbird &lt; 91.9.1."}], "id": "CVE-2022-1802", "lastModified": "2022-12-29T16:39:05.400", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-12-22T20:15:13.427", "references": [{"source": "security@mozilla.org", "tags": ["Issue Tracking", "Permissions Required", "Vendor Advisory"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1770137"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2022-19/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1321"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2022:4729", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "firefox-0:91.9.1-1.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2022-05-24T00:00:00Z"}, {"advisory": "RHSA-2022:4730", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "thunderbird-0:91.9.1-1.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2022-05-24T00:00:00Z"}, {"advisory": "RHSA-2022:4769", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "thunderbird-0:91.9.1-1.el8_6", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-05-27T00:00:00Z"}, {"advisory": "RHSA-2022:4776", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "firefox-0:91.9.1-1.el8_6", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-05-27T00:00:00Z"}, {"advisory": "RHSA-2022:4767", "cpe": "cpe:/a:redhat:rhel_e4s:8.1", "package": "firefox-0:91.9.1-1.el8_1", "product_name": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions", "release_date": "2022-05-27T00:00:00Z"}, {"advisory": "RHSA-2022:4770", "cpe": "cpe:/a:redhat:rhel_e4s:8.1", "package": "thunderbird-0:91.9.1-1.el8_1", "product_name": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions", "release_date": "2022-05-27T00:00:00Z"}, {"advisory": "RHSA-2022:4768", "cpe": "cpe:/a:redhat:rhel_eus:8.2", "package": "firefox-0:91.9.1-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Extended Update Support", "release_date": "2022-05-27T00:00:00Z"}, {"advisory": "RHSA-2022:4773", "cpe": "cpe:/a:redhat:rhel_eus:8.2", "package": "thunderbird-0:91.9.1-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Extended Update Support", "release_date": "2022-05-26T00:00:00Z"}, {"advisory": "RHSA-2022:4766", "cpe": "cpe:/a:redhat:rhel_eus:8.4", "package": "firefox-0:91.9.1-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Extended Update Support", "release_date": "2022-05-27T00:00:00Z"}, {"advisory": "RHSA-2022:4774", "cpe": "cpe:/a:redhat:rhel_eus:8.4", "package": "thunderbird-0:91.9.1-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Extended Update Support", "release_date": "2022-05-27T00:00:00Z"}, {"advisory": "RHSA-2022:4765", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "firefox-0:91.9.1-1.el9_0", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2022-05-27T00:00:00Z"}, {"advisory": "RHSA-2022:4772", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "thunderbird-0:91.9.1-1.el9_0", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2022-05-27T00:00:00Z"}], "bugzilla": {"description": "Mozilla: Prototype pollution in Top-Level Await implementation", "id": "2089217", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089217"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.8", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-843", "details": ["If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1.", "The Mozilla Foundation Security Advisory describes this flaw as: If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context."], "name": "CVE-2022-1802", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2022-05-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-1802\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-1802\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2022-19/#CVE-2022-1802"], "threat_severity": "Critical", "upstream_fix": "thunderbird 91.9.1, firefox 100.0.2, firefox 91.9.1"}