VDB
DEBIAN-CVE-2022-31738
DEBIAN-CVE-2022-31738
PUBLISHED
CVSS 6.5 MEDIUM
When exiting fullscreen mode, an iframe could have confused the browser about the current state of fullscreen, resulting in potential user confusion or spoofing attacks. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
Risk Scores
CVSS v3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:13 | firefox-esr | 0, 0, 0 |
| Debian:11 | firefox-esr | 91.4.0esr-1, *, * |
| Debian:12 | thunderbird | 0, 0, 0 |
| Debian:14 | thunderbird | 0, 0, 0 |
| Debian:14 | firefox-esr | 0, 0, 0 |
| Debian:12 | firefox-esr | 0, 0, 0 |
| Debian:11 | thunderbird | *, *, * |
| Debian:13 | thunderbird | 0, 0, 0 |
Timeline
- Dec 22, 2022 CVE Published
- Apr 28, 2026 CVE Updated