Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/309784?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/309784?format=api", "purl": "pkg:apk/alpine/librewolf@70.0-r0?arch=aarch64&distroversion=v3.22&reponame=community", "type": "apk", "namespace": "alpine", "name": "librewolf", "version": "70.0-r0", "qualifiers": { "arch": "aarch64", "distroversion": "v3.22", "reponame": "community" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "71.0.1-r0", "latest_non_vulnerable_version": "119.0-r0", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1665?format=api", "vulnerability_id": "VCID-428t-zdmg-1qe3", "summary": "A compromised content process could send a message to the parent process that would cause the 'Click to Play' permission prompt to be shown. However, due to lack of validation from the parent process, if the user accepted the permission request an attacker-controlled permission would be granted rather than the 'Click to Play' permission.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11765", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00307", "scoring_system": "epss", "scoring_elements": "0.54206", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00307", "scoring_system": "epss", "scoring_elements": "0.54263", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11765" }, { "reference_url": "https://security.archlinux.org/ASA-201910-16", "reference_id": "ASA-201910-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201910-16" }, { "reference_url": "https://security.archlinux.org/AVG-1055", "reference_id": "AVG-1055", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1055" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-34", "reference_id": "mfsa2019-34", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-34" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/309784?format=api", "purl": "pkg:apk/alpine/librewolf@70.0-r0?arch=aarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@70.0-r0%3Farch=aarch64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2019-11765" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-428t-zdmg-1qe3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1591?format=api", "vulnerability_id": "VCID-b5fq-qdud-dfb9", "summary": "By using a form with a data URI it was possible to gain access to the privileged JSONView object that had been cloned into content. Impact from exposing this object appears to be minimal, however it was a bypass of existing defense in depth mechanisms.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11761.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11761.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11761", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.62002", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61952", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11761" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764442", "reference_id": "1764442", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764442" }, { "reference_url": "https://security.archlinux.org/ASA-201910-15", "reference_id": "ASA-201910-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201910-15" }, { "reference_url": "https://security.archlinux.org/ASA-201910-16", "reference_id": "ASA-201910-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201910-16" }, { "reference_url": "https://security.archlinux.org/AVG-1054", "reference_id": "AVG-1054", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1054" }, { "reference_url": "https://security.archlinux.org/AVG-1055", "reference_id": "AVG-1055", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1055" }, { "reference_url": "https://security.gentoo.org/glsa/202003-10", "reference_id": "GLSA-202003-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-33", "reference_id": "mfsa2019-33", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-34", "reference_id": "mfsa2019-34", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-35", "reference_id": "mfsa2019-35", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-35" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3193", "reference_id": "RHSA-2019:3193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3196", "reference_id": "RHSA-2019:3196", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3196" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3210", "reference_id": "RHSA-2019:3210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3237", "reference_id": "RHSA-2019:3237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3281", "reference_id": "RHSA-2019:3281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3756", "reference_id": "RHSA-2019:3756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3756" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/309784?format=api", "purl": "pkg:apk/alpine/librewolf@70.0-r0?arch=aarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@70.0-r0%3Farch=aarch64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2019-11761" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b5fq-qdud-dfb9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1590?format=api", "vulnerability_id": "VCID-bymc-339x-hqd2", "summary": "A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11760.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11760.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11760", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01271", "scoring_system": "epss", "scoring_elements": "0.79867", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01271", "scoring_system": "epss", "scoring_elements": "0.79842", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764441", "reference_id": "1764441", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764441" }, { "reference_url": "https://security.archlinux.org/ASA-201910-15", "reference_id": "ASA-201910-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201910-15" }, { "reference_url": "https://security.archlinux.org/ASA-201910-16", "reference_id": "ASA-201910-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201910-16" }, { "reference_url": "https://security.archlinux.org/AVG-1054", "reference_id": "AVG-1054", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1054" }, { "reference_url": "https://security.archlinux.org/AVG-1055", "reference_id": "AVG-1055", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1055" }, { "reference_url": "https://security.gentoo.org/glsa/202003-10", "reference_id": "GLSA-202003-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-33", "reference_id": "mfsa2019-33", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-34", "reference_id": "mfsa2019-34", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-35", "reference_id": "mfsa2019-35", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-35" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3193", "reference_id": "RHSA-2019:3193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3196", "reference_id": "RHSA-2019:3196", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3196" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3210", "reference_id": "RHSA-2019:3210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3237", "reference_id": "RHSA-2019:3237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3281", "reference_id": "RHSA-2019:3281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3756", "reference_id": "RHSA-2019:3756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3756" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/309784?format=api", "purl": "pkg:apk/alpine/librewolf@70.0-r0?arch=aarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@70.0-r0%3Farch=aarch64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2019-11760" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bymc-339x-hqd2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1592?format=api", "vulnerability_id": "VCID-c35e-jf9r-8ken", "summary": "If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11762.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11762.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11762", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57965", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57912", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764443", "reference_id": "1764443", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764443" }, { "reference_url": "https://security.archlinux.org/ASA-201910-15", "reference_id": "ASA-201910-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201910-15" }, { "reference_url": "https://security.archlinux.org/ASA-201910-16", "reference_id": "ASA-201910-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201910-16" }, { "reference_url": "https://security.archlinux.org/AVG-1054", "reference_id": "AVG-1054", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1054" }, { "reference_url": "https://security.archlinux.org/AVG-1055", "reference_id": "AVG-1055", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1055" }, { "reference_url": "https://security.gentoo.org/glsa/202003-10", "reference_id": "GLSA-202003-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-33", "reference_id": "mfsa2019-33", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-34", "reference_id": "mfsa2019-34", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-35", "reference_id": "mfsa2019-35", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-35" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3193", "reference_id": "RHSA-2019:3193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3196", "reference_id": "RHSA-2019:3196", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3196" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3210", "reference_id": "RHSA-2019:3210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3237", "reference_id": "RHSA-2019:3237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3281", "reference_id": "RHSA-2019:3281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3756", "reference_id": "RHSA-2019:3756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3756" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/309784?format=api", "purl": "pkg:apk/alpine/librewolf@70.0-r0?arch=aarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@70.0-r0%3Farch=aarch64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2019-11762" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c35e-jf9r-8ken" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1586?format=api", "vulnerability_id": "VCID-cvna-73ya-gbg5", "summary": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early. A subsequent call to XML_GetCurrentLineNumber or XML_GetCurrentColumnNumber then resulted in a heap-based buffer over-read.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15903.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15903.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-15903", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42404", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42328", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-15903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://seclists.org/bugtraq/2019/Nov/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://seclists.org/bugtraq/2019/Nov/1" }, { "reference_url": "https://seclists.org/bugtraq/2019/Dec/17", "reference_id": "17", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://seclists.org/bugtraq/2019/Dec/17" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1752592", "reference_id": "1752592", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1752592" }, { "reference_url": "https://seclists.org/bugtraq/2019/Dec/21", "reference_id": "21", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://seclists.org/bugtraq/2019/Dec/21" }, { "reference_url": "http://seclists.org/fulldisclosure/2019/Dec/23", "reference_id": "23", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "http://seclists.org/fulldisclosure/2019/Dec/23" }, { "reference_url": "https://seclists.org/bugtraq/2019/Dec/23", "reference_id": "23", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://seclists.org/bugtraq/2019/Dec/23" }, { "reference_url": "https://seclists.org/bugtraq/2019/Nov/24", "reference_id": "24", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://seclists.org/bugtraq/2019/Nov/24" }, { "reference_url": "http://seclists.org/fulldisclosure/2019/Dec/26", "reference_id": "26", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "http://seclists.org/fulldisclosure/2019/Dec/26" }, { "reference_url": "http://seclists.org/fulldisclosure/2019/Dec/27", "reference_id": "27", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "http://seclists.org/fulldisclosure/2019/Dec/27" }, { "reference_url": "https://seclists.org/bugtraq/2019/Oct/29", "reference_id": "29", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://seclists.org/bugtraq/2019/Oct/29" }, { "reference_url": "http://seclists.org/fulldisclosure/2019/Dec/30", "reference_id": "30", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "http://seclists.org/fulldisclosure/2019/Dec/30" }, { "reference_url": "https://seclists.org/bugtraq/2019/Sep/30", "reference_id": "30", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://seclists.org/bugtraq/2019/Sep/30" }, { "reference_url": "https://github.com/libexpat/libexpat/issues/317", "reference_id": "317", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://github.com/libexpat/libexpat/issues/317" }, { "reference_url": "https://github.com/libexpat/libexpat/pull/318", "reference_id": "318", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://github.com/libexpat/libexpat/pull/318" }, { "reference_url": "https://github.com/libexpat/libexpat/issues/342", "reference_id": "342", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://github.com/libexpat/libexpat/issues/342" }, { "reference_url": "https://seclists.org/bugtraq/2019/Sep/37", "reference_id": "37", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://seclists.org/bugtraq/2019/Sep/37" }, { "reference_url": "https://usn.ubuntu.com/4132-1/", "reference_id": "4132-1", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://usn.ubuntu.com/4132-1/" }, { "reference_url": "https://usn.ubuntu.com/4132-2/", "reference_id": "4132-2", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://usn.ubuntu.com/4132-2/" }, { "reference_url": "https://usn.ubuntu.com/4165-1/", "reference_id": "4165-1", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://usn.ubuntu.com/4165-1/" }, { "reference_url": "https://usn.ubuntu.com/4202-1/", "reference_id": "4202-1", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://usn.ubuntu.com/4202-1/" }, { "reference_url": "https://usn.ubuntu.com/4335-1/", "reference_id": "4335-1", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://usn.ubuntu.com/4335-1/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939394", "reference_id": "939394", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939394" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/", "reference_id": "A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/" }, { "reference_url": "https://security.archlinux.org/ASA-201910-15", "reference_id": "ASA-201910-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201910-15" }, { "reference_url": "https://security.archlinux.org/ASA-201910-16", "reference_id": "ASA-201910-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201910-16" }, { "reference_url": "https://security.archlinux.org/ASA-201910-17", "reference_id": "ASA-201910-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201910-17" }, { "reference_url": "https://security.archlinux.org/AVG-1053", "reference_id": "AVG-1053", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1053" }, { "reference_url": "https://security.archlinux.org/AVG-1054", "reference_id": "AVG-1054", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1054" }, { "reference_url": "https://security.archlinux.org/AVG-1055", "reference_id": "AVG-1055", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1055" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/", "reference_id": "BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/" }, { "reference_url": "https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43", "reference_id": "c20b758c332d9a13afbbb276d30db1d183a85d43", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4530", "reference_id": "dsa-4530", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://www.debian.org/security/2019/dsa-4530" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4549", "reference_id": "dsa-4549", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://www.debian.org/security/2019/dsa-4549" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4571", "reference_id": "dsa-4571", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://www.debian.org/security/2019/dsa-4571" }, { "reference_url": "https://security.gentoo.org/glsa/201911-08", "reference_id": "GLSA-201911-08", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://security.gentoo.org/glsa/201911-08" }, { "reference_url": "https://support.apple.com/kb/HT210785", "reference_id": "HT210785", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://support.apple.com/kb/HT210785" }, { "reference_url": "https://support.apple.com/kb/HT210788", "reference_id": "HT210788", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://support.apple.com/kb/HT210788" }, { "reference_url": "https://support.apple.com/kb/HT210789", "reference_id": "HT210789", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://support.apple.com/kb/HT210789" }, { "reference_url": "https://support.apple.com/kb/HT210790", "reference_id": "HT210790", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://support.apple.com/kb/HT210790" }, { "reference_url": "https://support.apple.com/kb/HT210793", "reference_id": "HT210793", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://support.apple.com/kb/HT210793" }, { "reference_url": "https://support.apple.com/kb/HT210794", "reference_id": "HT210794", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://support.apple.com/kb/HT210794" }, { "reference_url": "https://support.apple.com/kb/HT210795", "reference_id": "HT210795", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://support.apple.com/kb/HT210795" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-33", "reference_id": "mfsa2019-33", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-34", "reference_id": "mfsa2019-34", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-35", "reference_id": "mfsa2019-35", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-35" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html", "reference_id": "msg00000.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html", "reference_id": "msg00002.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html", "reference_id": "msg00003.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html", "reference_id": "msg00006.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html", "reference_id": "msg00013.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html", "reference_id": "msg00016.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html", "reference_id": "msg00019.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", "reference_id": "msg00040.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html", "reference_id": "msg00080.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html", "reference_id": "msg00081.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190926-0004/", "reference_id": "ntap-20190926-0004", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20190926-0004/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3193", "reference_id": "RHSA-2019:3193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3196", "reference_id": "RHSA-2019:3196", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3196" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3210", "reference_id": "RHSA-2019:3210", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3237", "reference_id": "RHSA-2019:3237", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3756", "reference_id": "RHSA-2019:3756", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2644", "reference_id": "RHSA-2020:2644", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2644" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2646", "reference_id": "RHSA-2020:2646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3952", "reference_id": "RHSA-2020:3952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4484", "reference_id": "RHSA-2020:4484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0949", "reference_id": "RHSA-2021:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22871", "reference_id": "RHSA-2025:22871", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22871" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/", "reference_id": "S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/" }, { "reference_url": "http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html", "reference_id": "Slackware-Security-Advisory-expat-Updates.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html" }, { "reference_url": "http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html", "reference_id": "Slackware-Security-Advisory-mozilla-firefox-Updates.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html" }, { "reference_url": "http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html", "reference_id": "Slackware-Security-Advisory-python-Updates.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html" }, { "reference_url": "https://www.tenable.com/security/tns-2021-11", "reference_id": "tns-2021-11", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/" } ], "url": "https://www.tenable.com/security/tns-2021-11" }, { "reference_url": "https://usn.ubuntu.com/7199-1/", "reference_id": "USN-7199-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7199-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-4852-1/", "reference_id": "USN-USN-4852-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4852-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5455-1/", "reference_id": "USN-USN-5455-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5455-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/309784?format=api", "purl": "pkg:apk/alpine/librewolf@70.0-r0?arch=aarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@70.0-r0%3Farch=aarch64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2019-15903" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cvna-73ya-gbg5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1594?format=api", "vulnerability_id": "VCID-herb-32az-vub9", "summary": "Mozilla developers and community members Bob Clary, Jason Kratzer, Aaron Klotz, Iain Ireland, Tyson Smith, Christian Holler, Steve Fink, Honza Bambas, Byron Campen, and Cristian Brindusan reported memory safety bugs present in Firefox 69 and Firefox ESR 68.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11764.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11764.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11764", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76552", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76523", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764446", "reference_id": "1764446", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764446" }, { "reference_url": "https://security.archlinux.org/ASA-201910-15", "reference_id": "ASA-201910-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201910-15" }, { "reference_url": "https://security.archlinux.org/ASA-201910-16", "reference_id": "ASA-201910-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201910-16" }, { "reference_url": "https://security.archlinux.org/AVG-1054", "reference_id": "AVG-1054", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1054" }, { "reference_url": "https://security.archlinux.org/AVG-1055", "reference_id": "AVG-1055", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1055" }, { "reference_url": "https://security.gentoo.org/glsa/202003-10", "reference_id": "GLSA-202003-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-33", "reference_id": "mfsa2019-33", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-34", "reference_id": "mfsa2019-34", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-35", "reference_id": "mfsa2019-35", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-35" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3193", "reference_id": "RHSA-2019:3193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3196", "reference_id": "RHSA-2019:3196", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3196" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3210", "reference_id": "RHSA-2019:3210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3237", "reference_id": "RHSA-2019:3237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3281", "reference_id": "RHSA-2019:3281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3756", "reference_id": "RHSA-2019:3756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3756" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/309784?format=api", "purl": "pkg:apk/alpine/librewolf@70.0-r0?arch=aarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@70.0-r0%3Farch=aarch64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2019-11764" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-herb-32az-vub9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1589?format=api", "vulnerability_id": "VCID-kx36-ey2t-bygw", "summary": "An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11759.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11759.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11759", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0213", "scoring_system": "epss", "scoring_elements": "0.84511", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0213", "scoring_system": "epss", "scoring_elements": "0.84487", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11759" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764440", "reference_id": "1764440", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764440" }, { "reference_url": "https://security.archlinux.org/ASA-201910-15", "reference_id": "ASA-201910-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201910-15" }, { "reference_url": "https://security.archlinux.org/ASA-201910-16", "reference_id": "ASA-201910-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201910-16" }, { "reference_url": "https://security.archlinux.org/AVG-1054", "reference_id": "AVG-1054", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1054" }, { "reference_url": "https://security.archlinux.org/AVG-1055", "reference_id": "AVG-1055", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1055" }, { "reference_url": "https://security.gentoo.org/glsa/202003-10", "reference_id": "GLSA-202003-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-33", "reference_id": "mfsa2019-33", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-34", "reference_id": "mfsa2019-34", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-35", "reference_id": "mfsa2019-35", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-35" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3193", "reference_id": "RHSA-2019:3193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3196", "reference_id": "RHSA-2019:3196", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3196" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3210", "reference_id": "RHSA-2019:3210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3237", "reference_id": "RHSA-2019:3237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3281", "reference_id": "RHSA-2019:3281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3756", "reference_id": "RHSA-2019:3756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3756" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/309784?format=api", "purl": "pkg:apk/alpine/librewolf@70.0-r0?arch=aarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@70.0-r0%3Farch=aarch64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2019-11759" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kx36-ey2t-bygw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1593?format=api", "vulnerability_id": "VCID-nnt4-kek2-w7dd", "summary": "Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities. This could have led to HTML comment text being treated as HTML which could have led to XSS in a web application under certain conditions. It could have also led to HTML entities being masked from filters - enabling the use of entities to mask the actual characters of interest from filters.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11763.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11763.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11763", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00804", "scoring_system": "epss", "scoring_elements": "0.74503", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00804", "scoring_system": "epss", "scoring_elements": "0.74471", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11763" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764444", "reference_id": "1764444", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764444" }, { "reference_url": "https://security.archlinux.org/ASA-201910-15", "reference_id": "ASA-201910-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201910-15" }, { "reference_url": "https://security.archlinux.org/ASA-201910-16", "reference_id": "ASA-201910-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201910-16" }, { "reference_url": "https://security.archlinux.org/AVG-1054", "reference_id": "AVG-1054", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1054" }, { "reference_url": "https://security.archlinux.org/AVG-1055", "reference_id": "AVG-1055", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1055" }, { "reference_url": "https://security.gentoo.org/glsa/202003-10", "reference_id": "GLSA-202003-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-33", "reference_id": "mfsa2019-33", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-34", "reference_id": "mfsa2019-34", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-34" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-35", "reference_id": "mfsa2019-35", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-35" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3193", "reference_id": "RHSA-2019:3193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3196", "reference_id": "RHSA-2019:3196", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3196" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3210", "reference_id": "RHSA-2019:3210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3237", "reference_id": "RHSA-2019:3237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3281", "reference_id": "RHSA-2019:3281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3756", "reference_id": "RHSA-2019:3756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3756" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/309784?format=api", "purl": "pkg:apk/alpine/librewolf@70.0-r0?arch=aarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@70.0-r0%3Farch=aarch64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2019-11763" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nnt4-kek2-w7dd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1668?format=api", "vulnerability_id": "VCID-ssve-9dr8-xfbc", "summary": "If upgrade-insecure-requests was specified in the Content Security Policy, and a link was dragged and dropped from that page, the link was not upgraded to https.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17002", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00186", "scoring_system": "epss", "scoring_elements": "0.40151", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00186", "scoring_system": "epss", "scoring_elements": "0.40234", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17002" }, { "reference_url": "https://security.archlinux.org/ASA-201910-16", "reference_id": "ASA-201910-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201910-16" }, { "reference_url": "https://security.archlinux.org/AVG-1055", "reference_id": "AVG-1055", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1055" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-34", "reference_id": "mfsa2019-34", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-34" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/309784?format=api", "purl": "pkg:apk/alpine/librewolf@70.0-r0?arch=aarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@70.0-r0%3Farch=aarch64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2019-17002" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ssve-9dr8-xfbc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1666?format=api", "vulnerability_id": "VCID-ukhg-vp41-z3dr", "summary": "An object tag with a data URI did not correctly inherit the document's Content Security Policy. This allowed a CSP bypass in a cross-origin frame if the document's policy explicitly allowed data: URIs.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17000", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37019", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.3711", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17000" }, { "reference_url": "https://security.archlinux.org/ASA-201910-16", "reference_id": "ASA-201910-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201910-16" }, { "reference_url": "https://security.archlinux.org/AVG-1055", "reference_id": "AVG-1055", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1055" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-34", "reference_id": "mfsa2019-34", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-34" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/309784?format=api", "purl": "pkg:apk/alpine/librewolf@70.0-r0?arch=aarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@70.0-r0%3Farch=aarch64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2019-17000" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ukhg-vp41-z3dr" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@70.0-r0%3Farch=aarch64&distroversion=v3.22&reponame=community" }