Lucene search

K
redhatcveRedhat.comRH:CVE-2022-31737
HistoryMay 31, 2022 - 2:52 p.m.

CVE-2022-31737

2022-05-3114:52:56
redhat.com
access.redhat.com
30
mozilla
security advisory
webgl
memory corruption
exploitable crash
cve-2022-31737

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

58.1%

The Mozilla Foundation Security Advisory describes this flaw as: A malicious webpage could have caused an out-of-bounds write in WebGL, leading to memory corruption and a potentially exploitable crash.

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

58.1%