What is CVE-2022-1802?

CVE-2022-1802 is a vulnerability in Mozilla Firefox. Published 2022-12-22.

Is CVE-2022-1802 known to be exploited?

18 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Mozilla Firefox

CVE-2022-1802

If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox…

EPSS: 0.679 (98.6th percentile) — read the EPSS interpretation.

Affected products

Mozilla Firefox — versions unspecified
Mozilla Firefox Esr — versions unspecified
Mozilla Firefox For Android — versions unspecified
Mozilla Thunderbird — versions unspecified

Public proof-of-concept exploits

mistymntncop/CVE-2022-1802
ARPSyndicate/cvemon
CVEDB/awesome-cve-repo
CVEDB/top
GhostTroops/TOP
NaInSec/CVE-PoC-in-GitHub
SYRTI/POC_
WhooAmii/POC_
ajblkf/microscope
gmh5225/vulnjs

References

www.mozilla.org/security/advisories/mfsa2022-19/
bugzilla.mozilla.org/show_bug.cgi

Frequently asked questions

What is CVE-2022-1802?: CVE-2022-1802 is a vulnerability in Mozilla Firefox. Published 2022-12-22.
Is CVE-2022-1802 known to be exploited?: 18 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.