Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=armv7&distroversion=v3.18&reponame=community

Type apk

Namespace alpine

Name firefox-esr

Version 115.2.0-r0

Qualifiers

arch	armv7
distroversion	v3.18
reponame	community

Subpath

Is_vulnerable false

Next_non_vulnerable_version 115.2.1-r0

Latest_non_vulnerable_version 115.17.0-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-3bsf-nmms-wkg9

vulnerability_id VCID-3bsf-nmms-wkg9

summary A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 116, Firefox ESR < 115.2, and Thunderbird < 115.2.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4051.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4051.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4051

reference_id

reference_type

scores

value	0.00168
scoring_system	epss
scoring_elements	0.37871
published_at	2026-06-14T12:55:00Z

value	0.00168
scoring_system	epss
scoring_elements	0.37884
published_at	2026-06-13T12:55:00Z

value	0.00168
scoring_system	epss
scoring_elements	0.37858
published_at	2026-06-12T12:55:00Z

value	0.00168
scoring_system	epss
scoring_elements	0.37681
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4051

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2236076
reference_id	2236076
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2236076

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_id

mfsa2023-29

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_id

mfsa2023-29

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:40:45Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_id

mfsa2023-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_id

mfsa2023-36

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:40:45Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_id

mfsa2023-38

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_id

mfsa2023-38

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:40:45Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_url	https://access.redhat.com/errata/RHSA-2023:4945
reference_id	RHSA-2023:4945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4945

reference_url	https://access.redhat.com/errata/RHSA-2023:4946
reference_id	RHSA-2023:4946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4946

reference_url	https://access.redhat.com/errata/RHSA-2023:4947
reference_id	RHSA-2023:4947
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4947

reference_url	https://access.redhat.com/errata/RHSA-2023:4948
reference_id	RHSA-2023:4948
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4948

reference_url	https://access.redhat.com/errata/RHSA-2023:4949
reference_id	RHSA-2023:4949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4949

reference_url	https://access.redhat.com/errata/RHSA-2023:4950
reference_id	RHSA-2023:4950
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4950

reference_url	https://access.redhat.com/errata/RHSA-2023:4951
reference_id	RHSA-2023:4951
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4951

reference_url	https://access.redhat.com/errata/RHSA-2023:4952
reference_id	RHSA-2023:4952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4952

reference_url	https://access.redhat.com/errata/RHSA-2023:4954
reference_id	RHSA-2023:4954
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4954

reference_url	https://access.redhat.com/errata/RHSA-2023:4955
reference_id	RHSA-2023:4955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4955

reference_url	https://access.redhat.com/errata/RHSA-2023:4956
reference_id	RHSA-2023:4956
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4956

reference_url	https://access.redhat.com/errata/RHSA-2023:4957
reference_id	RHSA-2023:4957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4957

reference_url	https://access.redhat.com/errata/RHSA-2023:4958
reference_id	RHSA-2023:4958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4958

reference_url	https://access.redhat.com/errata/RHSA-2023:4959
reference_id	RHSA-2023:4959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4959

reference_url	https://access.redhat.com/errata/RHSA-2023:5019
reference_id	RHSA-2023:5019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5019

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1821884

reference_id

show_bug.cgi?id=1821884

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:40:45Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1821884

reference_url	https://usn.ubuntu.com/6267-1/
reference_id	USN-6267-1
reference_type
scores
url	https://usn.ubuntu.com/6267-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=armv7&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=armv7&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.0-r0%3Farch=armv7&distroversion=v3.18&reponame=community

aliases CVE-2023-4051

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3bsf-nmms-wkg9

url VCID-4ntn-7zea-pqc6

vulnerability_id VCID-4ntn-7zea-pqc6

summary Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4580.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4580.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4580

reference_id

reference_type

scores

value	0.00069
scoring_system	epss
scoring_elements	0.2151
published_at	2026-06-14T12:55:00Z

value	0.00069
scoring_system	epss
scoring_elements	0.21536
published_at	2026-06-13T12:55:00Z

value	0.00069
scoring_system	epss
scoring_elements	0.21522
published_at	2026-06-12T12:55:00Z

value	0.00069
scoring_system	epss
scoring_elements	0.21338
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4580

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2236079
reference_id	2236079
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2236079

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_id

mfsa2023-34

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_id

mfsa2023-34

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:01:48Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_id

mfsa2023-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_id

mfsa2023-36

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:01:48Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_id

mfsa2023-38

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_id

mfsa2023-38

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:01:48Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_url	https://access.redhat.com/errata/RHSA-2023:4945
reference_id	RHSA-2023:4945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4945

reference_url	https://access.redhat.com/errata/RHSA-2023:4946
reference_id	RHSA-2023:4946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4946

reference_url	https://access.redhat.com/errata/RHSA-2023:4947
reference_id	RHSA-2023:4947
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4947

reference_url	https://access.redhat.com/errata/RHSA-2023:4948
reference_id	RHSA-2023:4948
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4948

reference_url	https://access.redhat.com/errata/RHSA-2023:4949
reference_id	RHSA-2023:4949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4949

reference_url	https://access.redhat.com/errata/RHSA-2023:4950
reference_id	RHSA-2023:4950
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4950

reference_url	https://access.redhat.com/errata/RHSA-2023:4951
reference_id	RHSA-2023:4951
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4951

reference_url	https://access.redhat.com/errata/RHSA-2023:4952
reference_id	RHSA-2023:4952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4952

reference_url	https://access.redhat.com/errata/RHSA-2023:4954
reference_id	RHSA-2023:4954
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4954

reference_url	https://access.redhat.com/errata/RHSA-2023:4955
reference_id	RHSA-2023:4955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4955

reference_url	https://access.redhat.com/errata/RHSA-2023:4956
reference_id	RHSA-2023:4956
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4956

reference_url	https://access.redhat.com/errata/RHSA-2023:4957
reference_id	RHSA-2023:4957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4957

reference_url	https://access.redhat.com/errata/RHSA-2023:4958
reference_id	RHSA-2023:4958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4958

reference_url	https://access.redhat.com/errata/RHSA-2023:4959
reference_id	RHSA-2023:4959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4959

reference_url	https://access.redhat.com/errata/RHSA-2023:5019
reference_id	RHSA-2023:5019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5019

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1843046

reference_id

show_bug.cgi?id=1843046

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:01:48Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1843046

reference_url	https://usn.ubuntu.com/6320-1/
reference_id	USN-6320-1
reference_type
scores
url	https://usn.ubuntu.com/6320-1/

reference_url	https://usn.ubuntu.com/6405-1/
reference_id	USN-6405-1
reference_type
scores
url	https://usn.ubuntu.com/6405-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=armv7&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=armv7&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.0-r0%3Farch=armv7&distroversion=v3.18&reponame=community

aliases CVE-2023-4580

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4ntn-7zea-pqc6

url VCID-8af6-ye5f-4ua5

vulnerability_id VCID-8af6-ye5f-4ua5

summary Excel `.xll` add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4581.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4581.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4581

reference_id

reference_type

scores

value	0.0016
scoring_system	epss
scoring_elements	0.36705
published_at	2026-06-11T12:55:00Z

value	0.0016
scoring_system	epss
scoring_elements	0.36898
published_at	2026-06-14T12:55:00Z

value	0.0016
scoring_system	epss
scoring_elements	0.36912
published_at	2026-06-13T12:55:00Z

value	0.0016
scoring_system	epss
scoring_elements	0.36884
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4581

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4573
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4573

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4574
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4574

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4581
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4581

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4584
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4584

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2236080
reference_id	2236080
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2236080

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_id

mfsa2023-34

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_id

mfsa2023-34

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T16:02:47Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-35

reference_id

mfsa2023-35

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-35

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-35/

reference_id

mfsa2023-35

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T16:02:47Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-35/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_id

mfsa2023-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_id

mfsa2023-36

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T16:02:47Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-37

reference_id

mfsa2023-37

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-37

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-37/

reference_id

mfsa2023-37

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T16:02:47Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-37/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_id

mfsa2023-38

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_id

mfsa2023-38

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T16:02:47Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_url	https://access.redhat.com/errata/RHSA-2023:4945
reference_id	RHSA-2023:4945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4945

reference_url	https://access.redhat.com/errata/RHSA-2023:4946
reference_id	RHSA-2023:4946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4946

reference_url	https://access.redhat.com/errata/RHSA-2023:4947
reference_id	RHSA-2023:4947
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4947

reference_url	https://access.redhat.com/errata/RHSA-2023:4948
reference_id	RHSA-2023:4948
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4948

reference_url	https://access.redhat.com/errata/RHSA-2023:4949
reference_id	RHSA-2023:4949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4949

reference_url	https://access.redhat.com/errata/RHSA-2023:4950
reference_id	RHSA-2023:4950
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4950

reference_url	https://access.redhat.com/errata/RHSA-2023:4951
reference_id	RHSA-2023:4951
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4951

reference_url	https://access.redhat.com/errata/RHSA-2023:4952
reference_id	RHSA-2023:4952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4952

reference_url	https://access.redhat.com/errata/RHSA-2023:4954
reference_id	RHSA-2023:4954
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4954

reference_url	https://access.redhat.com/errata/RHSA-2023:4955
reference_id	RHSA-2023:4955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4955

reference_url	https://access.redhat.com/errata/RHSA-2023:4956
reference_id	RHSA-2023:4956
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4956

reference_url	https://access.redhat.com/errata/RHSA-2023:4957
reference_id	RHSA-2023:4957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4957

reference_url	https://access.redhat.com/errata/RHSA-2023:4958
reference_id	RHSA-2023:4958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4958

reference_url	https://access.redhat.com/errata/RHSA-2023:4959
reference_id	RHSA-2023:4959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4959

reference_url	https://access.redhat.com/errata/RHSA-2023:5019
reference_id	RHSA-2023:5019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5019

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1843758

reference_id

show_bug.cgi?id=1843758

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T16:02:47Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1843758

reference_url	https://usn.ubuntu.com/6320-1/
reference_id	USN-6320-1
reference_type
scores
url	https://usn.ubuntu.com/6320-1/

reference_url	https://usn.ubuntu.com/6368-1/
reference_id	USN-6368-1
reference_type
scores
url	https://usn.ubuntu.com/6368-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=armv7&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=armv7&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.0-r0%3Farch=armv7&distroversion=v3.18&reponame=community

aliases CVE-2023-4581

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8af6-ye5f-4ua5

url VCID-bawb-xauy-4kb4

vulnerability_id VCID-bawb-xauy-4kb4

summary When `UpdateRegExpStatics` attempted to access `initialStringHeap` it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4577.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4577.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4577

reference_id

reference_type

scores

value	0.00102
scoring_system	epss
scoring_elements	0.27716
published_at	2026-06-14T12:55:00Z

value	0.00102
scoring_system	epss
scoring_elements	0.27727
published_at	2026-06-13T12:55:00Z

value	0.00102
scoring_system	epss
scoring_elements	0.27702
published_at	2026-06-12T12:55:00Z

value	0.00102
scoring_system	epss
scoring_elements	0.275
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4577

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2236075
reference_id	2236075
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2236075

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_id

mfsa2023-34

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_id

mfsa2023-34

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:33Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_id

mfsa2023-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_id

mfsa2023-36

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:33Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_id

mfsa2023-38

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_id

mfsa2023-38

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:33Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_url	https://access.redhat.com/errata/RHSA-2023:4945
reference_id	RHSA-2023:4945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4945

reference_url	https://access.redhat.com/errata/RHSA-2023:4946
reference_id	RHSA-2023:4946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4946

reference_url	https://access.redhat.com/errata/RHSA-2023:4947
reference_id	RHSA-2023:4947
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4947

reference_url	https://access.redhat.com/errata/RHSA-2023:4948
reference_id	RHSA-2023:4948
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4948

reference_url	https://access.redhat.com/errata/RHSA-2023:4949
reference_id	RHSA-2023:4949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4949

reference_url	https://access.redhat.com/errata/RHSA-2023:4950
reference_id	RHSA-2023:4950
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4950

reference_url	https://access.redhat.com/errata/RHSA-2023:4951
reference_id	RHSA-2023:4951
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4951

reference_url	https://access.redhat.com/errata/RHSA-2023:4952
reference_id	RHSA-2023:4952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4952

reference_url	https://access.redhat.com/errata/RHSA-2023:4954
reference_id	RHSA-2023:4954
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4954

reference_url	https://access.redhat.com/errata/RHSA-2023:4955
reference_id	RHSA-2023:4955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4955

reference_url	https://access.redhat.com/errata/RHSA-2023:4956
reference_id	RHSA-2023:4956
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4956

reference_url	https://access.redhat.com/errata/RHSA-2023:4957
reference_id	RHSA-2023:4957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4957

reference_url	https://access.redhat.com/errata/RHSA-2023:4958
reference_id	RHSA-2023:4958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4958

reference_url	https://access.redhat.com/errata/RHSA-2023:4959
reference_id	RHSA-2023:4959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4959

reference_url	https://access.redhat.com/errata/RHSA-2023:5019
reference_id	RHSA-2023:5019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5019

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1847397

reference_id

show_bug.cgi?id=1847397

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:33Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1847397

reference_url	https://usn.ubuntu.com/6320-1/
reference_id	USN-6320-1
reference_type
scores
url	https://usn.ubuntu.com/6320-1/

reference_url	https://usn.ubuntu.com/6405-1/
reference_id	USN-6405-1
reference_type
scores
url	https://usn.ubuntu.com/6405-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=armv7&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=armv7&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.0-r0%3Farch=armv7&distroversion=v3.18&reponame=community

aliases CVE-2023-4577

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bawb-xauy-4kb4

url VCID-dgw2-jdmf-aqbg

vulnerability_id VCID-dgw2-jdmf-aqbg

summary Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4585.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4585.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4585

reference_id

reference_type

scores

value	0.00203
scoring_system	epss
scoring_elements	0.42585
published_at	2026-06-14T12:55:00Z

value	0.00203
scoring_system	epss
scoring_elements	0.42412
published_at	2026-06-11T12:55:00Z

value	0.00203
scoring_system	epss
scoring_elements	0.42575
published_at	2026-06-12T12:55:00Z

value	0.00203
scoring_system	epss
scoring_elements	0.42597
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4585

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2236086
reference_id	2236086
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2236086

reference_url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1751583%2C1841082%2C1847904%2C1848999

reference_id

buglist.cgi?bug_id=1751583%2C1841082%2C1847904%2C1848999

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T19:08:38Z/

url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1751583%2C1841082%2C1847904%2C1848999

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_id

mfsa2023-34

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_id

mfsa2023-34

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T19:08:38Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_id

mfsa2023-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_id

mfsa2023-36

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T19:08:38Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_id

mfsa2023-38

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_id

mfsa2023-38

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T19:08:38Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_url	https://access.redhat.com/errata/RHSA-2023:4945
reference_id	RHSA-2023:4945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4945

reference_url	https://access.redhat.com/errata/RHSA-2023:4946
reference_id	RHSA-2023:4946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4946

reference_url	https://access.redhat.com/errata/RHSA-2023:4947
reference_id	RHSA-2023:4947
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4947

reference_url	https://access.redhat.com/errata/RHSA-2023:4948
reference_id	RHSA-2023:4948
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4948

reference_url	https://access.redhat.com/errata/RHSA-2023:4949
reference_id	RHSA-2023:4949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4949

reference_url	https://access.redhat.com/errata/RHSA-2023:4950
reference_id	RHSA-2023:4950
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4950

reference_url	https://access.redhat.com/errata/RHSA-2023:4951
reference_id	RHSA-2023:4951
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4951

reference_url	https://access.redhat.com/errata/RHSA-2023:4952
reference_id	RHSA-2023:4952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4952

reference_url	https://access.redhat.com/errata/RHSA-2023:4954
reference_id	RHSA-2023:4954
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4954

reference_url	https://access.redhat.com/errata/RHSA-2023:4955
reference_id	RHSA-2023:4955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4955

reference_url	https://access.redhat.com/errata/RHSA-2023:4956
reference_id	RHSA-2023:4956
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4956

reference_url	https://access.redhat.com/errata/RHSA-2023:4957
reference_id	RHSA-2023:4957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4957

reference_url	https://access.redhat.com/errata/RHSA-2023:4958
reference_id	RHSA-2023:4958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4958

reference_url	https://access.redhat.com/errata/RHSA-2023:4959
reference_id	RHSA-2023:4959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4959

reference_url	https://access.redhat.com/errata/RHSA-2023:5019
reference_id	RHSA-2023:5019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5019

reference_url	https://usn.ubuntu.com/6320-1/
reference_id	USN-6320-1
reference_type
scores
url	https://usn.ubuntu.com/6320-1/

reference_url	https://usn.ubuntu.com/6405-1/
reference_id	USN-6405-1
reference_type
scores
url	https://usn.ubuntu.com/6405-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=armv7&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=armv7&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.0-r0%3Farch=armv7&distroversion=v3.18&reponame=community

aliases CVE-2023-4585

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dgw2-jdmf-aqbg

url VCID-djuy-gqk8-5yfs

vulnerability_id VCID-djuy-gqk8-5yfs

summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4584.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4584.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4584

reference_id

reference_type

scores

value	0.00292
scoring_system	epss
scoring_elements	0.52961
published_at	2026-06-11T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.5309
published_at	2026-06-12T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.53105
published_at	2026-06-13T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.53087
published_at	2026-06-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4584

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4573
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4573

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4574
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4574

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4581
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4581

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4584
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4584

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2236084
reference_id	2236084
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2236084

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_id

mfsa2023-34

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-35

reference_id

mfsa2023-35

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-35

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_id

mfsa2023-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-37

reference_id

mfsa2023-37

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-37

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_id

mfsa2023-38

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_url	https://access.redhat.com/errata/RHSA-2023:4945
reference_id	RHSA-2023:4945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4945

reference_url	https://access.redhat.com/errata/RHSA-2023:4946
reference_id	RHSA-2023:4946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4946

reference_url	https://access.redhat.com/errata/RHSA-2023:4947
reference_id	RHSA-2023:4947
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4947

reference_url	https://access.redhat.com/errata/RHSA-2023:4948
reference_id	RHSA-2023:4948
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4948

reference_url	https://access.redhat.com/errata/RHSA-2023:4949
reference_id	RHSA-2023:4949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4949

reference_url	https://access.redhat.com/errata/RHSA-2023:4950
reference_id	RHSA-2023:4950
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4950

reference_url	https://access.redhat.com/errata/RHSA-2023:4951
reference_id	RHSA-2023:4951
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4951

reference_url	https://access.redhat.com/errata/RHSA-2023:4952
reference_id	RHSA-2023:4952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4952

reference_url	https://access.redhat.com/errata/RHSA-2023:4954
reference_id	RHSA-2023:4954
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4954

reference_url	https://access.redhat.com/errata/RHSA-2023:4955
reference_id	RHSA-2023:4955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4955

reference_url	https://access.redhat.com/errata/RHSA-2023:4956
reference_id	RHSA-2023:4956
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4956

reference_url	https://access.redhat.com/errata/RHSA-2023:4957
reference_id	RHSA-2023:4957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4957

reference_url	https://access.redhat.com/errata/RHSA-2023:4958
reference_id	RHSA-2023:4958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4958

reference_url	https://access.redhat.com/errata/RHSA-2023:4959
reference_id	RHSA-2023:4959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4959

reference_url	https://access.redhat.com/errata/RHSA-2023:5019
reference_id	RHSA-2023:5019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5019

reference_url	https://usn.ubuntu.com/6320-1/
reference_id	USN-6320-1
reference_type
scores
url	https://usn.ubuntu.com/6320-1/

reference_url	https://usn.ubuntu.com/6368-1/
reference_id	USN-6368-1
reference_type
scores
url	https://usn.ubuntu.com/6368-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=armv7&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=armv7&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.0-r0%3Farch=armv7&distroversion=v3.18&reponame=community

aliases CVE-2023-4584

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-djuy-gqk8-5yfs

url VCID-ezs2-dmsv-1ygm

vulnerability_id VCID-ezs2-dmsv-1ygm

summary When receiving rendering data over IPC `mStream` could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4573.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4573.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4573

reference_id

reference_type

scores

value	0.00137
scoring_system	epss
scoring_elements	0.33437
published_at	2026-06-11T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33614
published_at	2026-06-14T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.3364
published_at	2026-06-13T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33618
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4573

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4573
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4573

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4574
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4574

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4581
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4581

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4584
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4584

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2236071
reference_id	2236071
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2236071

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_id

mfsa2023-34

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_id

mfsa2023-34

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:08:18Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-35

reference_id

mfsa2023-35

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-35

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-35/

reference_id

mfsa2023-35

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:08:18Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-35/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_id

mfsa2023-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_id

mfsa2023-36

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:08:18Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-37

reference_id

mfsa2023-37

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-37

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-37/

reference_id

mfsa2023-37

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:08:18Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-37/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_id

mfsa2023-38

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_id

mfsa2023-38

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:08:18Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_url	https://access.redhat.com/errata/RHSA-2023:4945
reference_id	RHSA-2023:4945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4945

reference_url	https://access.redhat.com/errata/RHSA-2023:4946
reference_id	RHSA-2023:4946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4946

reference_url	https://access.redhat.com/errata/RHSA-2023:4947
reference_id	RHSA-2023:4947
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4947

reference_url	https://access.redhat.com/errata/RHSA-2023:4948
reference_id	RHSA-2023:4948
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4948

reference_url	https://access.redhat.com/errata/RHSA-2023:4949
reference_id	RHSA-2023:4949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4949

reference_url	https://access.redhat.com/errata/RHSA-2023:4950
reference_id	RHSA-2023:4950
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4950

reference_url	https://access.redhat.com/errata/RHSA-2023:4951
reference_id	RHSA-2023:4951
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4951

reference_url	https://access.redhat.com/errata/RHSA-2023:4952
reference_id	RHSA-2023:4952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4952

reference_url	https://access.redhat.com/errata/RHSA-2023:4954
reference_id	RHSA-2023:4954
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4954

reference_url	https://access.redhat.com/errata/RHSA-2023:4955
reference_id	RHSA-2023:4955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4955

reference_url	https://access.redhat.com/errata/RHSA-2023:4956
reference_id	RHSA-2023:4956
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4956

reference_url	https://access.redhat.com/errata/RHSA-2023:4957
reference_id	RHSA-2023:4957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4957

reference_url	https://access.redhat.com/errata/RHSA-2023:4958
reference_id	RHSA-2023:4958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4958

reference_url	https://access.redhat.com/errata/RHSA-2023:4959
reference_id	RHSA-2023:4959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4959

reference_url	https://access.redhat.com/errata/RHSA-2023:5019
reference_id	RHSA-2023:5019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5019

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1846687

reference_id

show_bug.cgi?id=1846687

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:08:18Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1846687

reference_url	https://usn.ubuntu.com/6320-1/
reference_id	USN-6320-1
reference_type
scores
url	https://usn.ubuntu.com/6320-1/

reference_url	https://usn.ubuntu.com/6368-1/
reference_id	USN-6368-1
reference_type
scores
url	https://usn.ubuntu.com/6368-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=armv7&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=armv7&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.0-r0%3Farch=armv7&distroversion=v3.18&reponame=community

aliases CVE-2023-4573

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ezs2-dmsv-1ygm

url VCID-kfbc-sdkf-jfgx

vulnerability_id VCID-kfbc-sdkf-jfgx

summary When calling `JS::CheckRegExpSyntax` a Syntax Error could have been set which would end in calling `convertToRuntimeErrorAndClear`. A path in the function could attempt to allocate memory when none is available which would have caused a newly created Out of Memory exception to be mishandled as a Syntax Error. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4578.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4578.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4578

reference_id

reference_type

scores

value	0.0011
scoring_system	epss
scoring_elements	0.29091
published_at	2026-06-14T12:55:00Z

value	0.0011
scoring_system	epss
scoring_elements	0.29104
published_at	2026-06-13T12:55:00Z

value	0.0011
scoring_system	epss
scoring_elements	0.29085
published_at	2026-06-12T12:55:00Z

value	0.0011
scoring_system	epss
scoring_elements	0.28883
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4578

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2236077
reference_id	2236077
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2236077

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_id

mfsa2023-34

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_id

mfsa2023-34

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:09Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_id

mfsa2023-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_id

mfsa2023-36

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:09Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_id

mfsa2023-38

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_id

mfsa2023-38

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:09Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_url	https://access.redhat.com/errata/RHSA-2023:4945
reference_id	RHSA-2023:4945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4945

reference_url	https://access.redhat.com/errata/RHSA-2023:4946
reference_id	RHSA-2023:4946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4946

reference_url	https://access.redhat.com/errata/RHSA-2023:4947
reference_id	RHSA-2023:4947
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4947

reference_url	https://access.redhat.com/errata/RHSA-2023:4948
reference_id	RHSA-2023:4948
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4948

reference_url	https://access.redhat.com/errata/RHSA-2023:4949
reference_id	RHSA-2023:4949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4949

reference_url	https://access.redhat.com/errata/RHSA-2023:4950
reference_id	RHSA-2023:4950
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4950

reference_url	https://access.redhat.com/errata/RHSA-2023:4951
reference_id	RHSA-2023:4951
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4951

reference_url	https://access.redhat.com/errata/RHSA-2023:4952
reference_id	RHSA-2023:4952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4952

reference_url	https://access.redhat.com/errata/RHSA-2023:4954
reference_id	RHSA-2023:4954
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4954

reference_url	https://access.redhat.com/errata/RHSA-2023:4955
reference_id	RHSA-2023:4955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4955

reference_url	https://access.redhat.com/errata/RHSA-2023:4956
reference_id	RHSA-2023:4956
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4956

reference_url	https://access.redhat.com/errata/RHSA-2023:4957
reference_id	RHSA-2023:4957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4957

reference_url	https://access.redhat.com/errata/RHSA-2023:4958
reference_id	RHSA-2023:4958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4958

reference_url	https://access.redhat.com/errata/RHSA-2023:4959
reference_id	RHSA-2023:4959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4959

reference_url	https://access.redhat.com/errata/RHSA-2023:5019
reference_id	RHSA-2023:5019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5019

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1839007

reference_id

show_bug.cgi?id=1839007

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:09Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1839007

reference_url	https://usn.ubuntu.com/6320-1/
reference_id	USN-6320-1
reference_type
scores
url	https://usn.ubuntu.com/6320-1/

reference_url	https://usn.ubuntu.com/6405-1/
reference_id	USN-6405-1
reference_type
scores
url	https://usn.ubuntu.com/6405-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=armv7&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=armv7&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.0-r0%3Farch=armv7&distroversion=v3.18&reponame=community

aliases CVE-2023-4578

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kfbc-sdkf-jfgx

url VCID-nqhf-g3y1-6kag

vulnerability_id VCID-nqhf-g3y1-6kag

summary When checking if the Browsing Context had been discarded in `HttpBaseChannel`, if the load group was not available then it was assumed to have already been discarded which was not always the case for private channels after the private session had ended. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4583.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4583.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4583

reference_id

reference_type

scores

value	0.00146
scoring_system	epss
scoring_elements	0.34927
published_at	2026-06-14T12:55:00Z

value	0.00146
scoring_system	epss
scoring_elements	0.34748
published_at	2026-06-11T12:55:00Z

value	0.00146
scoring_system	epss
scoring_elements	0.34926
published_at	2026-06-12T12:55:00Z

value	0.00146
scoring_system	epss
scoring_elements	0.34949
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4583

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2236082
reference_id	2236082
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2236082

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_id

mfsa2023-34

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_id

mfsa2023-34

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-19T19:09:13Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_id

mfsa2023-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_id

mfsa2023-36

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-19T19:09:13Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_id

mfsa2023-38

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_id

mfsa2023-38

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-19T19:09:13Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_url	https://access.redhat.com/errata/RHSA-2023:4945
reference_id	RHSA-2023:4945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4945

reference_url	https://access.redhat.com/errata/RHSA-2023:4946
reference_id	RHSA-2023:4946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4946

reference_url	https://access.redhat.com/errata/RHSA-2023:4947
reference_id	RHSA-2023:4947
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4947

reference_url	https://access.redhat.com/errata/RHSA-2023:4948
reference_id	RHSA-2023:4948
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4948

reference_url	https://access.redhat.com/errata/RHSA-2023:4949
reference_id	RHSA-2023:4949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4949

reference_url	https://access.redhat.com/errata/RHSA-2023:4950
reference_id	RHSA-2023:4950
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4950

reference_url	https://access.redhat.com/errata/RHSA-2023:4951
reference_id	RHSA-2023:4951
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4951

reference_url	https://access.redhat.com/errata/RHSA-2023:4952
reference_id	RHSA-2023:4952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4952

reference_url	https://access.redhat.com/errata/RHSA-2023:4954
reference_id	RHSA-2023:4954
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4954

reference_url	https://access.redhat.com/errata/RHSA-2023:4955
reference_id	RHSA-2023:4955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4955

reference_url	https://access.redhat.com/errata/RHSA-2023:4956
reference_id	RHSA-2023:4956
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4956

reference_url	https://access.redhat.com/errata/RHSA-2023:4957
reference_id	RHSA-2023:4957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4957

reference_url	https://access.redhat.com/errata/RHSA-2023:4958
reference_id	RHSA-2023:4958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4958

reference_url	https://access.redhat.com/errata/RHSA-2023:4959
reference_id	RHSA-2023:4959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4959

reference_url	https://access.redhat.com/errata/RHSA-2023:5019
reference_id	RHSA-2023:5019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5019

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1842030

reference_id

show_bug.cgi?id=1842030

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-19T19:09:13Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1842030

reference_url	https://usn.ubuntu.com/6320-1/
reference_id	USN-6320-1
reference_type
scores
url	https://usn.ubuntu.com/6320-1/

reference_url	https://usn.ubuntu.com/6405-1/
reference_id	USN-6405-1
reference_type
scores
url	https://usn.ubuntu.com/6405-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=armv7&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=armv7&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.0-r0%3Farch=armv7&distroversion=v3.18&reponame=community

aliases CVE-2023-4583

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nqhf-g3y1-6kag

url VCID-uzu6-54x4-b3f9

vulnerability_id VCID-uzu6-54x4-b3f9

summary A website could have obscured the full screen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 116, Firefox ESR < 115.2, and Thunderbird < 115.2.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4053.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4053.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4053

reference_id

reference_type

scores

value	0.00145
scoring_system	epss
scoring_elements	0.34808
published_at	2026-06-14T12:55:00Z

value	0.00145
scoring_system	epss
scoring_elements	0.34827
published_at	2026-06-13T12:55:00Z

value	0.00145
scoring_system	epss
scoring_elements	0.34802
published_at	2026-06-12T12:55:00Z

value	0.00145
scoring_system	epss
scoring_elements	0.34624
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4053

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2236078
reference_id	2236078
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2236078

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_id

mfsa2023-29

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_id

mfsa2023-29

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:53Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_id

mfsa2023-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_id

mfsa2023-36

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:53Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_id

mfsa2023-38

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_id

mfsa2023-38

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:53Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_url	https://access.redhat.com/errata/RHSA-2023:4945
reference_id	RHSA-2023:4945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4945

reference_url	https://access.redhat.com/errata/RHSA-2023:4946
reference_id	RHSA-2023:4946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4946

reference_url	https://access.redhat.com/errata/RHSA-2023:4947
reference_id	RHSA-2023:4947
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4947

reference_url	https://access.redhat.com/errata/RHSA-2023:4948
reference_id	RHSA-2023:4948
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4948

reference_url	https://access.redhat.com/errata/RHSA-2023:4949
reference_id	RHSA-2023:4949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4949

reference_url	https://access.redhat.com/errata/RHSA-2023:4950
reference_id	RHSA-2023:4950
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4950

reference_url	https://access.redhat.com/errata/RHSA-2023:4951
reference_id	RHSA-2023:4951
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4951

reference_url	https://access.redhat.com/errata/RHSA-2023:4952
reference_id	RHSA-2023:4952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4952

reference_url	https://access.redhat.com/errata/RHSA-2023:4954
reference_id	RHSA-2023:4954
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4954

reference_url	https://access.redhat.com/errata/RHSA-2023:4955
reference_id	RHSA-2023:4955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4955

reference_url	https://access.redhat.com/errata/RHSA-2023:4956
reference_id	RHSA-2023:4956
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4956

reference_url	https://access.redhat.com/errata/RHSA-2023:4957
reference_id	RHSA-2023:4957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4957

reference_url	https://access.redhat.com/errata/RHSA-2023:4958
reference_id	RHSA-2023:4958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4958

reference_url	https://access.redhat.com/errata/RHSA-2023:4959
reference_id	RHSA-2023:4959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4959

reference_url	https://access.redhat.com/errata/RHSA-2023:5019
reference_id	RHSA-2023:5019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5019

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1839079

reference_id

show_bug.cgi?id=1839079

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:53Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1839079

reference_url	https://usn.ubuntu.com/6267-1/
reference_id	USN-6267-1
reference_type
scores
url	https://usn.ubuntu.com/6267-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=armv7&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=armv7&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.0-r0%3Farch=armv7&distroversion=v3.18&reponame=community

aliases CVE-2023-4053

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uzu6-54x4-b3f9

url VCID-vqq5-t48g-z3ap

vulnerability_id VCID-vqq5-t48g-z3ap

summary

On Windows, an integer overflow could occur in `RecordedSourceSurfaceCreation` which resulted in a heap buffer overflow potentially leaking sensitive data that could have led to a sandbox escape.
*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4576.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4576.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4576

reference_id

reference_type

scores

value	0.00235
scoring_system	epss
scoring_elements	0.46698
published_at	2026-06-11T12:55:00Z

value	0.00235
scoring_system	epss
scoring_elements	0.46836
published_at	2026-06-14T12:55:00Z

value	0.00235
scoring_system	epss
scoring_elements	0.46855
published_at	2026-06-13T12:55:00Z

value	0.00235
scoring_system	epss
scoring_elements	0.46841
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4576

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2236074
reference_id	2236074
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2236074

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_id

mfsa2023-34

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_id

mfsa2023-34

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-35

reference_id

mfsa2023-35

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-35

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-35/

reference_id

mfsa2023-35

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-35/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_id

mfsa2023-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_id

mfsa2023-36

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-37

reference_id

mfsa2023-37

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-37

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-37/

reference_id

mfsa2023-37

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-37/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_id

mfsa2023-38

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_id

mfsa2023-38

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1846694

reference_id

show_bug.cgi?id=1846694

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1846694

fixed_packages

url	pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=armv7&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=armv7&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.0-r0%3Farch=armv7&distroversion=v3.18&reponame=community

aliases CVE-2023-4576

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vqq5-t48g-z3ap

url VCID-zzj4-11j6-3bcv

vulnerability_id VCID-zzj4-11j6-3bcv

summary When creating a callback over IPC for showing the File Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4575.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4575.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4575

reference_id

reference_type

scores

value	0.00137
scoring_system	epss
scoring_elements	0.33437
published_at	2026-06-11T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33614
published_at	2026-06-14T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.3364
published_at	2026-06-13T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33618
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4573
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4573

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4574
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4574

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4581
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4581

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4584
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4584

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2236073
reference_id	2236073
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2236073

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_id

mfsa2023-34

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_id

mfsa2023-34

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:05:40Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-35

reference_id

mfsa2023-35

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-35

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-35/

reference_id

mfsa2023-35

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:05:40Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-35/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_id

mfsa2023-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_id

mfsa2023-36

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:05:40Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-37

reference_id

mfsa2023-37

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-37

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-37/

reference_id

mfsa2023-37

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:05:40Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-37/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_id

mfsa2023-38

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_id

mfsa2023-38

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:05:40Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_url	https://access.redhat.com/errata/RHSA-2023:4945
reference_id	RHSA-2023:4945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4945

reference_url	https://access.redhat.com/errata/RHSA-2023:4946
reference_id	RHSA-2023:4946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4946

reference_url	https://access.redhat.com/errata/RHSA-2023:4947
reference_id	RHSA-2023:4947
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4947

reference_url	https://access.redhat.com/errata/RHSA-2023:4948
reference_id	RHSA-2023:4948
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4948

reference_url	https://access.redhat.com/errata/RHSA-2023:4949
reference_id	RHSA-2023:4949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4949

reference_url	https://access.redhat.com/errata/RHSA-2023:4950
reference_id	RHSA-2023:4950
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4950

reference_url	https://access.redhat.com/errata/RHSA-2023:4951
reference_id	RHSA-2023:4951
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4951

reference_url	https://access.redhat.com/errata/RHSA-2023:4952
reference_id	RHSA-2023:4952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4952

reference_url	https://access.redhat.com/errata/RHSA-2023:4954
reference_id	RHSA-2023:4954
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4954

reference_url	https://access.redhat.com/errata/RHSA-2023:4955
reference_id	RHSA-2023:4955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4955

reference_url	https://access.redhat.com/errata/RHSA-2023:4956
reference_id	RHSA-2023:4956
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4956

reference_url	https://access.redhat.com/errata/RHSA-2023:4957
reference_id	RHSA-2023:4957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4957

reference_url	https://access.redhat.com/errata/RHSA-2023:4958
reference_id	RHSA-2023:4958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4958

reference_url	https://access.redhat.com/errata/RHSA-2023:4959
reference_id	RHSA-2023:4959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4959

reference_url	https://access.redhat.com/errata/RHSA-2023:5019
reference_id	RHSA-2023:5019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5019

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1846689

reference_id

show_bug.cgi?id=1846689

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:05:40Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1846689

reference_url	https://usn.ubuntu.com/6320-1/
reference_id	USN-6320-1
reference_type
scores
url	https://usn.ubuntu.com/6320-1/

reference_url	https://usn.ubuntu.com/6368-1/
reference_id	USN-6368-1
reference_type
scores
url	https://usn.ubuntu.com/6368-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=armv7&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=armv7&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.0-r0%3Farch=armv7&distroversion=v3.18&reponame=community

aliases CVE-2023-4575

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zzj4-11j6-3bcv

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.0-r0%3Farch=armv7&distroversion=v3.18&reponame=community

Package Instance