Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/41799?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "type": "deb", "namespace": "debian", "name": "firefox-esr", "version": "0", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "45.0esr-1", "latest_non_vulnerable_version": "140.11.0esr-1~deb13u1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9939?format=api", "vulnerability_id": "VCID-11w9-tx9j-9ufb", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38497.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38497.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38497", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41728", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41736", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41747", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41562", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38497" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011098", "reference_id": "2011098", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011098" }, { "reference_url": "https://security.archlinux.org/AVG-2443", "reference_id": "AVG-2443", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2443" }, { "reference_url": "https://security.archlinux.org/AVG-2459", "reference_id": "AVG-2459", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2459" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43", "reference_id": "mfsa2021-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45", "reference_id": "mfsa2021-45", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47", "reference_id": "mfsa2021-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3755", "reference_id": "RHSA-2021:3755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3756", "reference_id": "RHSA-2021:3756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3757", "reference_id": "RHSA-2021:3757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3791", "reference_id": "RHSA-2021:3791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3838", "reference_id": "RHSA-2021:3838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3839", "reference_id": "RHSA-2021:3839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3840", "reference_id": "RHSA-2021:3840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3841", "reference_id": "RHSA-2021:3841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3841" }, { "reference_url": "https://usn.ubuntu.com/5107-1/", "reference_id": "USN-5107-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5107-1/" }, { "reference_url": "https://usn.ubuntu.com/5132-1/", "reference_id": "USN-5132-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5132-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-38497" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-11w9-tx9j-9ufb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/183553?format=api", "vulnerability_id": "VCID-19ba-mbhw-zqdw", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5271.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5271.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5271", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00429", "scoring_system": "epss", "scoring_elements": "0.63054", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00429", "scoring_system": "epss", "scoring_elements": "0.62944", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00429", "scoring_system": "epss", "scoring_elements": "0.63046", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00429", "scoring_system": "epss", "scoring_elements": "0.63058", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5271" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377661", "reference_id": "1377661", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377661" }, { "reference_url": "https://security.archlinux.org/ASA-201609-22", "reference_id": "ASA-201609-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-22" }, { "reference_url": "https://security.archlinux.org/AVG-24", "reference_id": "AVG-24", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-24" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-85", "reference_id": "mfsa2016-85", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-85" }, { "reference_url": "https://usn.ubuntu.com/3076-1/", "reference_id": "USN-3076-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3076-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-5271" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-19ba-mbhw-zqdw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/165015?format=api", "vulnerability_id": "VCID-1bjk-1ga1-jbdf", "summary": "The executable file warning was not presented when downloading .atloc and .ftploc files, which can run commands on a user's computer. <br>*Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46875.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46875.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-46875", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60969", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60972", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60963", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60856", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-46875" }, { "reference_url": "https://security.gentoo.org/glsa/202305-06", "reference_id": "202305-06", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:56:00Z/" } ], "url": "https://security.gentoo.org/glsa/202305-06" }, { "reference_url": "https://security.gentoo.org/glsa/202305-13", "reference_id": "202305-13", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:56:00Z/" } ], "url": "https://security.gentoo.org/glsa/202305-13" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153451", "reference_id": "2153451", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153451" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-51", "reference_id": "mfsa2022-51", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-51" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-51/", "reference_id": "mfsa2022-51", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:56:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-51/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-52", "reference_id": "mfsa2022-52", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-52" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-52/", "reference_id": "mfsa2022-52", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:56:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-52/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-53", "reference_id": "mfsa2022-53", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-53" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-53/", "reference_id": "mfsa2022-53", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:56:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-53/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1786188", "reference_id": "show_bug.cgi?id=1786188", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:56:00Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1786188" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-46875" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1bjk-1ga1-jbdf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18078?format=api", "vulnerability_id": "VCID-1rxg-fmst-qkdu", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11698.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11698.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11698", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47465", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47484", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47468", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47327", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11698" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328953", "reference_id": "2328953", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328953" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-63/", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:16:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-63/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-64/", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:16:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-64/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-67/", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:16:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-67/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-68/", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:16:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-68/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1916152", "reference_id": "show_bug.cgi?id=1916152", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:16:08Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1916152" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-11698" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1rxg-fmst-qkdu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8718?format=api", "vulnerability_id": "VCID-22k4-c14e-83hf", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6827.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6827.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6827", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55661", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55539", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55659", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55674", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6827" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821968", "reference_id": "1821968", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821968" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-13", "reference_id": "mfsa2020-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-13" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-6827" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-22k4-c14e-83hf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212829?format=api", "vulnerability_id": "VCID-2eyc-g61c-dqes", "summary": "The Mozilla Maintenance Service \"helper.exe\" application creates a temporary directory writable by non-privileged users. When this is combined with creation of a junction (a form of symbolic link), protected files in the target directory of the junction can be deleted by the Mozilla Maintenance Service, which has privileged access. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. This vulnerability affects Firefox ESR < 52.2 and Firefox < 54.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7761", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24801", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25017", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7761" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-7761" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2eyc-g61c-dqes" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212841?format=api", "vulnerability_id": "VCID-2pqp-k5qy-xke8", "summary": "The destructor function for the \"WindowsDllDetourPatcher\" class can be re-purposed by malicious code in concert with another vulnerability to write arbitrary data to an attacker controlled location in memory. This can be used to bypass existing memory protections in this situation. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7804", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00689", "scoring_system": "epss", "scoring_elements": "0.72335", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00689", "scoring_system": "epss", "scoring_elements": "0.72342", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00689", "scoring_system": "epss", "scoring_elements": "0.72348", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00689", "scoring_system": "epss", "scoring_elements": "0.72252", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7804" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-7804" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2pqp-k5qy-xke8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9556?format=api", "vulnerability_id": "VCID-2uen-1vwd-9qaw", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32810.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32810.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32810", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01094", "scoring_system": "epss", "scoring_elements": "0.78452", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01094", "scoring_system": "epss", "scoring_elements": "0.78463", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01094", "scoring_system": "epss", "scoring_elements": "0.78467", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01094", "scoring_system": "epss", "scoring_elements": "0.78385", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32810" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32810", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32810" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/crossbeam-rs/crossbeam", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/crossbeam-rs/crossbeam" }, { "reference_url": "https://github.com/crossbeam-rs/crossbeam/security/advisories/GHSA-pqqp-xmhj-wgcw", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/crossbeam-rs/crossbeam/security/advisories/GHSA-pqqp-xmhj-wgcw" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7EZILHZDRGDPOBQ4KTW3E5PPMKLHGH5N", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7EZILHZDRGDPOBQ4KTW3E5PPMKLHGH5N" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7EZILHZDRGDPOBQ4KTW3E5PPMKLHGH5N/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7EZILHZDRGDPOBQ4KTW3E5PPMKLHGH5N/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWHNNBJCU4EHA2X5ZAMJMGLDUYS5FEPP", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWHNNBJCU4EHA2X5ZAMJMGLDUYS5FEPP" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWHNNBJCU4EHA2X5ZAMJMGLDUYS5FEPP/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWHNNBJCU4EHA2X5ZAMJMGLDUYS5FEPP/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYBSLIYFANZLCYWOGTIYZUM26TJRH7WU", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYBSLIYFANZLCYWOGTIYZUM26TJRH7WU" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYBSLIYFANZLCYWOGTIYZUM26TJRH7WU/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYBSLIYFANZLCYWOGTIYZUM26TJRH7WU/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CY5T3FCE4MUYSPKEWICLVJBBODGJ6SZE", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CY5T3FCE4MUYSPKEWICLVJBBODGJ6SZE" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CY5T3FCE4MUYSPKEWICLVJBBODGJ6SZE/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CY5T3FCE4MUYSPKEWICLVJBBODGJ6SZE/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EW5B2VTDVMJ6B3DA4VLMAMW2GGDCE2BK", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EW5B2VTDVMJ6B3DA4VLMAMW2GGDCE2BK" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EW5B2VTDVMJ6B3DA4VLMAMW2GGDCE2BK/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EW5B2VTDVMJ6B3DA4VLMAMW2GGDCE2BK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LCIBFGBSL3JSVJQTNEDEIMZGZF23N2KE", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LCIBFGBSL3JSVJQTNEDEIMZGZF23N2KE" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LCIBFGBSL3JSVJQTNEDEIMZGZF23N2KE/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LCIBFGBSL3JSVJQTNEDEIMZGZF23N2KE/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCLMH7B7B2MF55ET4NQNPH7JWISFX4RT", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCLMH7B7B2MF55ET4NQNPH7JWISFX4RT" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCLMH7B7B2MF55ET4NQNPH7JWISFX4RT/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCLMH7B7B2MF55ET4NQNPH7JWISFX4RT/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRPKBRXCRNGNMVFQPFD4LM3QKPEMBQQR", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRPKBRXCRNGNMVFQPFD4LM3QKPEMBQQR" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRPKBRXCRNGNMVFQPFD4LM3QKPEMBQQR/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRPKBRXCRNGNMVFQPFD4LM3QKPEMBQQR/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFUBWBYCPSSXTJGEAQ67CJUNQJBOCM26", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFUBWBYCPSSXTJGEAQ67CJUNQJBOCM26" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFUBWBYCPSSXTJGEAQ67CJUNQJBOCM26/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFUBWBYCPSSXTJGEAQ67CJUNQJBOCM26/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3LSN3B43TJSFIOB3QLPBI3RCHRU5BLO", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3LSN3B43TJSFIOB3QLPBI3RCHRU5BLO" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3LSN3B43TJSFIOB3QLPBI3RCHRU5BLO/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3LSN3B43TJSFIOB3QLPBI3RCHRU5BLO/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VQZIEJQBV3S72BHD5GKJQF3NVYNRV5CF", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VQZIEJQBV3S72BHD5GKJQF3NVYNRV5CF" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VQZIEJQBV3S72BHD5GKJQF3NVYNRV5CF/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VQZIEJQBV3S72BHD5GKJQF3NVYNRV5CF/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WGB2H35CTZDHOV3VLC5BM6VFGURLLVRP", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WGB2H35CTZDHOV3VLC5BM6VFGURLLVRP" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WGB2H35CTZDHOV3VLC5BM6VFGURLLVRP/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WGB2H35CTZDHOV3VLC5BM6VFGURLLVRP/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFBZWCLG7AGLJO4A7K5IMJVPLSWZ5TJP", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFBZWCLG7AGLJO4A7K5IMJVPLSWZ5TJP" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFBZWCLG7AGLJO4A7K5IMJVPLSWZ5TJP/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFBZWCLG7AGLJO4A7K5IMJVPLSWZ5TJP/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQDIBB7VR3ER52FMSMNJPAWNDO5SITCE", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQDIBB7VR3ER52FMSMNJPAWNDO5SITCE" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQDIBB7VR3ER52FMSMNJPAWNDO5SITCE/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQDIBB7VR3ER52FMSMNJPAWNDO5SITCE/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32810", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32810" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2021-0093.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2021-0093.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990342", "reference_id": "1990342", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990342" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993146", "reference_id": "993146", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993146" }, { "reference_url": "https://security.archlinux.org/AVG-2443", "reference_id": "AVG-2443", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2443" }, { "reference_url": "https://security.archlinux.org/AVG-2459", "reference_id": "AVG-2459", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2459" }, { "reference_url": "https://github.com/advisories/GHSA-pqqp-xmhj-wgcw", "reference_id": "GHSA-pqqp-xmhj-wgcw", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pqqp-xmhj-wgcw" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43", "reference_id": "mfsa2021-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45", "reference_id": "mfsa2021-45", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47", "reference_id": "mfsa2021-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3755", "reference_id": "RHSA-2021:3755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3756", "reference_id": "RHSA-2021:3756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3757", "reference_id": "RHSA-2021:3757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3791", "reference_id": "RHSA-2021:3791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3838", "reference_id": "RHSA-2021:3838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3839", "reference_id": "RHSA-2021:3839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3840", "reference_id": "RHSA-2021:3840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3841", "reference_id": "RHSA-2021:3841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3841" }, { "reference_url": "https://usn.ubuntu.com/5107-1/", "reference_id": "USN-5107-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5107-1/" }, { "reference_url": "https://usn.ubuntu.com/5132-1/", "reference_id": "USN-5132-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5132-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-32810", "GHSA-pqqp-xmhj-wgcw" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2uen-1vwd-9qaw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1089?format=api", "vulnerability_id": "VCID-31hs-etq8-gqdc", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2805.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2805.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2805", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00922", "scoring_system": "epss", "scoring_elements": "0.76444", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00922", "scoring_system": "epss", "scoring_elements": "0.76515", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00922", "scoring_system": "epss", "scoring_elements": "0.76529", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00922", "scoring_system": "epss", "scoring_elements": "0.76524", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330266", "reference_id": "1330266", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330266" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-39", "reference_id": "mfsa2016-39", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-39" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0695", "reference_id": "RHSA-2016:0695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0695" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1041", "reference_id": "RHSA-2016:1041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1041" }, { "reference_url": "https://usn.ubuntu.com/2973-1/", "reference_id": "USN-2973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2973-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2805" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-31hs-etq8-gqdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2035?format=api", "vulnerability_id": "VCID-357f-bphq-8bde", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9071.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9071.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9071", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00259", "scoring_system": "epss", "scoring_elements": "0.49723", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00259", "scoring_system": "epss", "scoring_elements": "0.4973", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00259", "scoring_system": "epss", "scoring_elements": "0.49586", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00259", "scoring_system": "epss", "scoring_elements": "0.49742", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9071" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395100", "reference_id": "1395100", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395100" }, { "reference_url": "https://security.archlinux.org/ASA-201611-16", "reference_id": "ASA-201611-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-16" }, { "reference_url": "https://security.archlinux.org/AVG-72", "reference_id": "AVG-72", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-72" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89", "reference_id": "mfsa2016-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89" }, { "reference_url": "https://usn.ubuntu.com/3124-1/", "reference_id": "USN-3124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3124-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-9071" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-357f-bphq-8bde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/139924?format=api", "vulnerability_id": "VCID-3bsf-nmms-wkg9", "summary": "A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 116, Firefox ESR < 115.2, and Thunderbird < 115.2.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4051.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4051.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4051", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.37871", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.37884", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.37858", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.37681", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4051" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236076", "reference_id": "2236076", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236076" }, { "reference_url": "https://security.gentoo.org/glsa/202402-25", "reference_id": "GLSA-202402-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-25" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-29", "reference_id": "mfsa2023-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-29/", "reference_id": "mfsa2023-29", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:40:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-36", "reference_id": "mfsa2023-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-36" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-36/", "reference_id": "mfsa2023-36", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:40:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-36/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-38", "reference_id": "mfsa2023-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-38" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-38/", "reference_id": "mfsa2023-38", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:40:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-38/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4945", "reference_id": "RHSA-2023:4945", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4945" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4946", "reference_id": "RHSA-2023:4946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4946" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4947", "reference_id": "RHSA-2023:4947", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4947" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4948", "reference_id": "RHSA-2023:4948", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4948" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4949", "reference_id": "RHSA-2023:4949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4950", "reference_id": "RHSA-2023:4950", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4950" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4951", "reference_id": "RHSA-2023:4951", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4951" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4952", "reference_id": "RHSA-2023:4952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4954", "reference_id": "RHSA-2023:4954", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4954" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4955", "reference_id": "RHSA-2023:4955", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4956", "reference_id": "RHSA-2023:4956", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4956" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4957", "reference_id": "RHSA-2023:4957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4958", "reference_id": "RHSA-2023:4958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4959", "reference_id": "RHSA-2023:4959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5019", "reference_id": "RHSA-2023:5019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5019" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1821884", "reference_id": "show_bug.cgi?id=1821884", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:40:45Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1821884" }, { "reference_url": "https://usn.ubuntu.com/6267-1/", "reference_id": "USN-6267-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6267-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/42184?format=api", "purl": "pkg:deb/debian/firefox-esr@115.2.0esr-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.2.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-4051" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3bsf-nmms-wkg9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8719?format=api", "vulnerability_id": "VCID-3deh-j4ss-4fe8", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6828.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6828.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6828", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.58332", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.58215", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.58328", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.58344", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6828" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821967", "reference_id": "1821967", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821967" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-13", "reference_id": "mfsa2020-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-13" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-6828" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3deh-j4ss-4fe8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/19716?format=api", "vulnerability_id": "VCID-3hky-9bcs-9bet", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3863.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3863.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3863", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.57132", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.57139", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.57124", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.57005", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3863" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275554", "reference_id": "2275554", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275554" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-18/", "reference_id": "mfsa2024-18", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T15:24:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-18/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-19" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-19/", "reference_id": "mfsa2024-19", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T15:24:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-19/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-20/", "reference_id": "mfsa2024-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T15:24:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-20/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1885855", "reference_id": "show_bug.cgi?id=1885855", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T15:24:10Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1885855" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-3863" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3hky-9bcs-9bet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8697?format=api", "vulnerability_id": "VCID-3mns-1kky-uuh4", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6799.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6799.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6799", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00471", "scoring_system": "epss", "scoring_elements": "0.65168", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00471", "scoring_system": "epss", "scoring_elements": "0.65068", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00471", "scoring_system": "epss", "scoring_elements": "0.65177", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00471", "scoring_system": "epss", "scoring_elements": "0.65179", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6799" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801919", "reference_id": "1801919", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801919" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-05", "reference_id": "mfsa2020-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-06", "reference_id": "mfsa2020-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-06" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-6799" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3mns-1kky-uuh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3565?format=api", "vulnerability_id": "VCID-3vbk-nx9h-kkf6", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5428.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5428.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5428", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.59408", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.59411", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.59298", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.5942", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5428" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1433202", "reference_id": "1433202", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1433202" }, { "reference_url": "https://security.archlinux.org/ASA-201703-15", "reference_id": "ASA-201703-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-15" }, { "reference_url": "https://security.archlinux.org/AVG-219", "reference_id": "AVG-219", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-219" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-08", "reference_id": "mfsa2017-08", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0558", "reference_id": "RHSA-2017:0558", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0558" }, { "reference_url": "https://usn.ubuntu.com/3238-1/", "reference_id": "USN-3238-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3238-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-5428" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3vbk-nx9h-kkf6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9944?format=api", "vulnerability_id": "VCID-3zq7-rgzd-q7hz", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38505.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38505.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38505", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.58236", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.58242", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.58252", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.58122", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38505" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019623", "reference_id": "2019623", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019623" }, { "reference_url": "https://security.archlinux.org/AVG-2512", "reference_id": "AVG-2512", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2512" }, { "reference_url": "https://security.archlinux.org/AVG-2519", "reference_id": "AVG-2519", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2519" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48", "reference_id": "mfsa2021-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49", "reference_id": "mfsa2021-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50", "reference_id": "mfsa2021-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-38505" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3zq7-rgzd-q7hz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6100?format=api", "vulnerability_id": "VCID-43kk-mssb-uyes", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11694.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11694.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11694", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54632", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54506", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54648", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11694" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1712620", "reference_id": "1712620", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1712620" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-13", "reference_id": "mfsa2019-13", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-14", "reference_id": "mfsa2019-14", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-15", "reference_id": "mfsa2019-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-15" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11694" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-43kk-mssb-uyes" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2041?format=api", "vulnerability_id": "VCID-44b3-nv3n-gudk", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9078", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01176", "scoring_system": "epss", "scoring_elements": "0.7921", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01176", "scoring_system": "epss", "scoring_elements": "0.79135", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01176", "scoring_system": "epss", "scoring_elements": "0.792", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01176", "scoring_system": "epss", "scoring_elements": "0.79214", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9078" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-201612-1", "reference_id": "ASA-201612-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-1" }, { "reference_url": "https://security.archlinux.org/AVG-90", "reference_id": "AVG-90", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-90" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-91", "reference_id": "mfsa2016-91", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-91" }, { "reference_url": "https://usn.ubuntu.com/3140-1/", "reference_id": "USN-3140-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3140-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-9078" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-44b3-nv3n-gudk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1522?format=api", "vulnerability_id": "VCID-4n6n-5t2p-83hr", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5292.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5292.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5292", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00858", "scoring_system": "epss", "scoring_elements": "0.7551", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00858", "scoring_system": "epss", "scoring_elements": "0.75519", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00858", "scoring_system": "epss", "scoring_elements": "0.7544", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00858", "scoring_system": "epss", "scoring_elements": "0.75524", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5292" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395057", "reference_id": "1395057", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395057" }, { "reference_url": "https://security.archlinux.org/ASA-201611-16", "reference_id": "ASA-201611-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-16" }, { "reference_url": "https://security.archlinux.org/AVG-72", "reference_id": "AVG-72", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-72" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89", "reference_id": "mfsa2016-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89" }, { "reference_url": "https://usn.ubuntu.com/3124-1/", "reference_id": "USN-3124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3124-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-5292" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4n6n-5t2p-83hr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/179674?format=api", "vulnerability_id": "VCID-4nb5-15dg-2yck", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32214.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32214.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32214", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40381", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40549", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40572", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40558", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32214" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196743", "reference_id": "2196743", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196743" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-16", "reference_id": "mfsa2023-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-17", "reference_id": "mfsa2023-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-17" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-18", "reference_id": "mfsa2023-18", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-18" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-32214" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4nb5-15dg-2yck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/139986?format=api", "vulnerability_id": "VCID-4ntn-7zea-pqc6", "summary": "Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4580.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4580.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4580", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.2151", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21536", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21522", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21338", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4580" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236079", "reference_id": "2236079", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236079" }, { "reference_url": "https://security.gentoo.org/glsa/202402-25", "reference_id": "GLSA-202402-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-25" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-34", "reference_id": "mfsa2023-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-34/", "reference_id": "mfsa2023-34", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:01:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-34/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-36", "reference_id": "mfsa2023-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-36" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-36/", "reference_id": "mfsa2023-36", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:01:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-36/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-38", "reference_id": "mfsa2023-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-38" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-38/", "reference_id": "mfsa2023-38", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:01:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-38/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4945", "reference_id": "RHSA-2023:4945", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4945" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4946", "reference_id": "RHSA-2023:4946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4946" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4947", "reference_id": "RHSA-2023:4947", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4947" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4948", "reference_id": "RHSA-2023:4948", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4948" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4949", "reference_id": "RHSA-2023:4949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4950", "reference_id": "RHSA-2023:4950", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4950" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4951", "reference_id": "RHSA-2023:4951", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4951" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4952", "reference_id": "RHSA-2023:4952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4954", "reference_id": "RHSA-2023:4954", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4954" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4955", "reference_id": "RHSA-2023:4955", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4956", "reference_id": "RHSA-2023:4956", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4956" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4957", "reference_id": "RHSA-2023:4957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4958", "reference_id": "RHSA-2023:4958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4959", "reference_id": "RHSA-2023:4959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5019", "reference_id": "RHSA-2023:5019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5019" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1843046", "reference_id": "show_bug.cgi?id=1843046", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:01:48Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1843046" }, { "reference_url": "https://usn.ubuntu.com/6320-1/", "reference_id": "USN-6320-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6320-1/" }, { "reference_url": "https://usn.ubuntu.com/6405-1/", "reference_id": "USN-6405-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6405-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/42184?format=api", "purl": "pkg:deb/debian/firefox-esr@115.2.0esr-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.2.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-4580" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4ntn-7zea-pqc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39267?format=api", "vulnerability_id": "VCID-5d5f-rvnf-qkgz", "summary": "On Windows 10, when using the 'Save As' functionality, an attacker could have tricked the browser into saving the file with a disallowed extension such as `.url` by including an invalid character in the extension. *Note:* This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5692.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5692.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5692", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.55269", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.55145", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.55266", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.55282", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5692" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2291398", "reference_id": "2291398", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2291398" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-25", "reference_id": "mfsa2024-25", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-25" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-25/", "reference_id": "mfsa2024-25", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-25/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-26", "reference_id": "mfsa2024-26", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-26" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-26/", "reference_id": "mfsa2024-26", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-26/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-28", "reference_id": "mfsa2024-28", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-28" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-28/", "reference_id": "mfsa2024-28", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-28/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1891234", "reference_id": "show_bug.cgi?id=1891234", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:09Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1891234" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-5692" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5d5f-rvnf-qkgz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/29890?format=api", "vulnerability_id": "VCID-5f21-qac3-yfg1", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4712.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4712.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4712", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03843", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03831", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03841", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04973", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4712" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450728", "reference_id": "2450728", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450728" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:49:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:49:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:49:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:49:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2017666", "reference_id": "show_bug.cgi?id=2017666", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:49:31Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2017666" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-4712" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5f21-qac3-yfg1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1095?format=api", "vulnerability_id": "VCID-5qe6-vvry-9yaz", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2811.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2811.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2811", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01744", "scoring_system": "epss", "scoring_elements": "0.82943", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01744", "scoring_system": "epss", "scoring_elements": "0.83004", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01744", "scoring_system": "epss", "scoring_elements": "0.83013", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01744", "scoring_system": "epss", "scoring_elements": "0.83008", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2811" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330275", "reference_id": "1330275", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330275" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2811", "reference_id": "CVE-2016-2811", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2811" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-42", "reference_id": "mfsa2016-42", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-42" }, { "reference_url": "https://usn.ubuntu.com/2936-1/", "reference_id": "USN-2936-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2936-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2811" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5qe6-vvry-9yaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212935?format=api", "vulnerability_id": "VCID-62jd-wpqg-wbfh", "summary": "Out of bounds read in ANGLE allowed a remote attacker to obtain sensitive data via a crafted HTML page.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16048.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16048.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-16048", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41368", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41534", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41552", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41542", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-16048" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1926979", "reference_id": "1926979", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1926979" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-06", "reference_id": "mfsa2021-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-06" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-16048" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-62jd-wpqg-wbfh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2040?format=api", "vulnerability_id": "VCID-67pz-pdta-a7gp", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9077.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9077.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9077", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38332", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38344", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38157", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38355", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9077" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395099", "reference_id": "1395099", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395099" }, { "reference_url": "https://security.archlinux.org/ASA-201611-16", "reference_id": "ASA-201611-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-16" }, { "reference_url": "https://security.archlinux.org/AVG-72", "reference_id": "AVG-72", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-72" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89", "reference_id": "mfsa2016-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89" }, { "reference_url": "https://usn.ubuntu.com/3124-1/", "reference_id": "USN-3124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3124-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-9077" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-67pz-pdta-a7gp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/196998?format=api", "vulnerability_id": "VCID-67sg-az4a-pue7", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5379", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01753", "scoring_system": "epss", "scoring_elements": "0.82985", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01753", "scoring_system": "epss", "scoring_elements": "0.83046", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01753", "scoring_system": "epss", "scoring_elements": "0.83055", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01753", "scoring_system": "epss", "scoring_elements": "0.8305", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5379" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-5379" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-67sg-az4a-pue7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/185120?format=api", "vulnerability_id": "VCID-69ak-pqyb-5fc2", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12381.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12381.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12381", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00637", "scoring_system": "epss", "scoring_elements": "0.71074", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00637", "scoring_system": "epss", "scoring_elements": "0.70973", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00637", "scoring_system": "epss", "scoring_elements": "0.71063", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00637", "scoring_system": "epss", "scoring_elements": "0.71076", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12381" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1625529", "reference_id": "1625529", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1625529" }, { "reference_url": "https://security.gentoo.org/glsa/201810-01", "reference_id": "GLSA-201810-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-20", "reference_id": "mfsa2018-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-20" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-21", "reference_id": "mfsa2018-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-21" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-12381" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-69ak-pqyb-5fc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/183558?format=api", "vulnerability_id": "VCID-6jpw-vg58-gked", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5283.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5283.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5283", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.51362", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.5123", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.51361", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.51375", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5283" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377670", "reference_id": "1377670", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377670" }, { "reference_url": "https://security.archlinux.org/ASA-201609-22", "reference_id": "ASA-201609-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-22" }, { "reference_url": "https://security.archlinux.org/AVG-24", "reference_id": "AVG-24", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-24" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-85", "reference_id": "mfsa2016-85", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-85" }, { "reference_url": "https://usn.ubuntu.com/3076-1/", "reference_id": "USN-3076-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3076-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-5283" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6jpw-vg58-gked" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212838?format=api", "vulnerability_id": "VCID-6vu7-kuzb-9fen", "summary": "An error in the \"WindowsDllDetourPatcher\" where a RWX (\"Read/Write/Execute\") 4k block is allocated but never protected, violating DEP protections. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7782", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66826", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66919", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66933", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7782" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-7782" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6vu7-kuzb-9fen" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212921?format=api", "vulnerability_id": "VCID-6xs5-m7ar-g3cj", "summary": "The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12393.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12393.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12393", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64887", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64988", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.65", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64996", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12393" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831946", "reference_id": "1831946", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831946" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-16", "reference_id": "mfsa2020-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-17", "reference_id": "mfsa2020-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-17" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-18", "reference_id": "mfsa2020-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-18" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-12393" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6xs5-m7ar-g3cj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1116?format=api", "vulnerability_id": "VCID-6ypx-faq3-xyf8", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2834.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2834.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2834", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.61075", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.61181", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.6119", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.61185", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2834" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1347908", "reference_id": "1347908", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1347908" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-61", "reference_id": "mfsa2016-61", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-61" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2779", "reference_id": "RHSA-2016:2779", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2779" }, { "reference_url": "https://usn.ubuntu.com/2993-1/", "reference_id": "USN-2993-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2993-1/" }, { "reference_url": "https://usn.ubuntu.com/3029-1/", "reference_id": "USN-3029-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3029-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2834" ], "risk_score": 1.2, "exploitability": "0.5", "weighted_severity": "2.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6ypx-faq3-xyf8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7886?format=api", "vulnerability_id": "VCID-7cj1-e8h5-vfdm", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15663.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15663.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15663", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.74009", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.73936", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.74024", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15663" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1872530", "reference_id": "1872530", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1872530" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-36", "reference_id": "mfsa2020-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-36" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-37", "reference_id": "mfsa2020-37", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-37" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-38", "reference_id": "mfsa2020-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-38" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-40", "reference_id": "mfsa2020-40", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-40" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-41", "reference_id": "mfsa2020-41", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-41" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-15663" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7cj1-e8h5-vfdm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2211?format=api", "vulnerability_id": "VCID-7jjh-whu4-ryaj", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9894", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01889", "scoring_system": "epss", "scoring_elements": "0.83654", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01889", "scoring_system": "epss", "scoring_elements": "0.83588", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01889", "scoring_system": "epss", "scoring_elements": "0.83647", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01889", "scoring_system": "epss", "scoring_elements": "0.83657", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9894" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-201612-15", "reference_id": "ASA-201612-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-15" }, { "reference_url": "https://security.archlinux.org/AVG-106", "reference_id": "AVG-106", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-106" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94", "reference_id": "mfsa2016-94", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94" }, { "reference_url": "https://usn.ubuntu.com/3155-1/", "reference_id": "USN-3155-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3155-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-9894" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7jjh-whu4-ryaj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9940?format=api", "vulnerability_id": "VCID-7mwh-wn9x-mbff", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38498.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38498.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38498", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.71267", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.71278", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.7128", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.71177", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38498" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011099", "reference_id": "2011099", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011099" }, { "reference_url": "https://security.archlinux.org/AVG-2443", "reference_id": "AVG-2443", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2443" }, { "reference_url": "https://security.archlinux.org/AVG-2459", "reference_id": "AVG-2459", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2459" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43", "reference_id": "mfsa2021-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45", "reference_id": "mfsa2021-45", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47", "reference_id": "mfsa2021-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3755", "reference_id": "RHSA-2021:3755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3756", "reference_id": "RHSA-2021:3756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3757", "reference_id": "RHSA-2021:3757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3791", "reference_id": "RHSA-2021:3791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3838", "reference_id": "RHSA-2021:3838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3839", "reference_id": "RHSA-2021:3839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3840", "reference_id": "RHSA-2021:3840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3841", "reference_id": "RHSA-2021:3841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3841" }, { "reference_url": "https://usn.ubuntu.com/5107-1/", "reference_id": "USN-5107-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5107-1/" }, { "reference_url": "https://usn.ubuntu.com/5132-1/", "reference_id": "USN-5132-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5132-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-38498" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7mwh-wn9x-mbff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212913?format=api", "vulnerability_id": "VCID-7njh-b1b6-87ey", "summary": "During the initialization of a new content process, a pointer offset can be manipulated leading to memory corruption and a potentially exploitable crash in the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17015.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17015.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17015", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00932", "scoring_system": "epss", "scoring_elements": "0.76578", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00932", "scoring_system": "epss", "scoring_elements": "0.76647", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00932", "scoring_system": "epss", "scoring_elements": "0.76662", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00932", "scoring_system": "epss", "scoring_elements": "0.76657", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17015" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788722", "reference_id": "1788722", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788722" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-01", "reference_id": "mfsa2020-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-02", "reference_id": "mfsa2020-02", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-04", "reference_id": "mfsa2020-04", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-17015" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7njh-b1b6-87ey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17876?format=api", "vulnerability_id": "VCID-824p-a2wh-h7b9", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5727.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5727.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5727", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.4399", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43828", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43983", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.44002", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5727" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245902", "reference_id": "2245902", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245902" }, { "reference_url": "https://security.gentoo.org/glsa/202402-25", "reference_id": "GLSA-202402-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-25" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-45", "reference_id": "mfsa2023-45", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-45" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-45/", "reference_id": "mfsa2023-45", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:47:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-45/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-46", "reference_id": "mfsa2023-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-46/", "reference_id": "mfsa2023-46", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:47:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-47", "reference_id": "mfsa2023-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-47" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-47/", "reference_id": "mfsa2023-47", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:47:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-47/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1847180", "reference_id": "show_bug.cgi?id=1847180", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:47:05Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1847180" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-5727" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-824p-a2wh-h7b9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18364?format=api", "vulnerability_id": "VCID-87gy-7875-7fg2", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2605.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2605.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2605", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39609", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39619", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39595", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39424", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2605" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270659", "reference_id": "2270659", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270659" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-12", "reference_id": "mfsa2024-12", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-12" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-12/", "reference_id": "mfsa2024-12", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-19T14:48:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-12/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-13", "reference_id": "mfsa2024-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-13/", "reference_id": "mfsa2024-13", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-19T14:48:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-14", "reference_id": "mfsa2024-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-14/", "reference_id": "mfsa2024-14", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-19T14:48:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-14/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1872920", "reference_id": "show_bug.cgi?id=1872920", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-19T14:48:39Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1872920" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-2605" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-87gy-7875-7fg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/25532?format=api", "vulnerability_id": "VCID-8966-aewf-27f6", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5265.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5265.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5265", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18936", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.1896", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18943", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18779", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5265" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368748", "reference_id": "2368748", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368748" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42", "reference_id": "mfsa2025-42", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-42/", "reference_id": "mfsa2025-42", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-42/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-43", "reference_id": "mfsa2025-43", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-43" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-43/", "reference_id": "mfsa2025-43", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-43/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-44/", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-44/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45", "reference_id": "mfsa2025-45", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-45/", "reference_id": "mfsa2025-45", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-45/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-46/", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-46/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1962301", "reference_id": "show_bug.cgi?id=1962301", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:57Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1962301" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-5265" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8966-aewf-27f6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/139822?format=api", "vulnerability_id": "VCID-8f5p-vpt4-yyb5", "summary": "Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occured when allocating too much private shader memory on mac OS. \n*This bug only affects Firefox on macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4582.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4582.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4582", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00657", "scoring_system": "epss", "scoring_elements": "0.71599", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00657", "scoring_system": "epss", "scoring_elements": "0.71503", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00657", "scoring_system": "epss", "scoring_elements": "0.71589", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00657", "scoring_system": "epss", "scoring_elements": "0.71601", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4582" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236081", "reference_id": "2236081", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236081" }, { "reference_url": "https://security.gentoo.org/glsa/202402-25", "reference_id": "GLSA-202402-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-25" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-34", "reference_id": "mfsa2023-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-34/", "reference_id": "mfsa2023-34", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T20:00:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-34/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-36", "reference_id": "mfsa2023-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-36" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-36/", "reference_id": "mfsa2023-36", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T20:00:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-36/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-38", "reference_id": "mfsa2023-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-38" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-38/", "reference_id": "mfsa2023-38", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T20:00:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-38/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1773874", "reference_id": "show_bug.cgi?id=1773874", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T20:00:26Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1773874" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-4582" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8f5p-vpt4-yyb5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/128983?format=api", "vulnerability_id": "VCID-8jdx-sc77-tybh", "summary": "After downloading a Windows <code>.url</code> shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This also had the potential to leak NTLM credentials to the resource.<br>*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25734.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25734.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25734", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39478", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.3949", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39465", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39295", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25734" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170384", "reference_id": "2170384", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170384" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1784451", "reference_id": "show_bug.cgi?id=1784451", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1784451" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1809923", "reference_id": "show_bug.cgi?id=1809923", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1809923" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1810143", "reference_id": "show_bug.cgi?id=1810143", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1810143" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1812338", "reference_id": "show_bug.cgi?id=1812338", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1812338" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-25734" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8jdx-sc77-tybh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4623?format=api", "vulnerability_id": "VCID-8r46-96b2-xbd7", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12368.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12368.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12368", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01854", "scoring_system": "epss", "scoring_elements": "0.83492", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01854", "scoring_system": "epss", "scoring_elements": "0.83432", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01854", "scoring_system": "epss", "scoring_elements": "0.83498", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01854", "scoring_system": "epss", "scoring_elements": "0.83501", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12368" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595033", "reference_id": "1595033", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595033" }, { "reference_url": "https://security.gentoo.org/glsa/201810-01", "reference_id": "GLSA-201810-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15", "reference_id": "mfsa2018-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16", "reference_id": "mfsa2018-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-17", "reference_id": "mfsa2018-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-17" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-18", "reference_id": "mfsa2018-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19", "reference_id": "mfsa2018-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-12368" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8r46-96b2-xbd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212835?format=api", "vulnerability_id": "VCID-94gd-8ska-tueq", "summary": "The Mozilla Maintenance Service can be invoked by an unprivileged user to read 32 bytes of any arbitrary file on the local system by convincing the service that it is reading a status file provided by the Mozilla Windows Updater. The Mozilla Maintenance Service executes with privileged access, bypassing system protections against unprivileged users. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. This vulnerability affects Firefox ESR < 52.2 and Firefox < 54.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7768", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14764", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14885", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14884", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14855", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7768" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-7768" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-94gd-8ska-tueq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5112?format=api", "vulnerability_id": "VCID-99dw-9mfj-9kge", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18335.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18335.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-18335", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04343", "scoring_system": "epss", "scoring_elements": "0.89216", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.04343", "scoring_system": "epss", "scoring_elements": "0.8917", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.04343", "scoring_system": "epss", "scoring_elements": "0.89208", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-18335" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18335", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18335" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18336", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18336" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18337", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18337" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18338", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18338" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18339", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18339" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18342", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18342" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18343", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18343" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18344", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18344" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18346", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18346" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18347", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18347" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18348", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18348" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18351", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18351" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18353", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18353" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18354" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18358", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18358" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20065", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20065" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20067", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20067" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20068", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20068" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20070", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20070" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20346", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20346" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1656549", "reference_id": "1656549", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1656549" }, { "reference_url": "https://security.archlinux.org/ASA-201812-2", "reference_id": "ASA-201812-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201812-2" }, { "reference_url": "https://security.archlinux.org/ASA-201902-23", "reference_id": "ASA-201902-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-23" }, { "reference_url": "https://security.archlinux.org/AVG-824", "reference_id": "AVG-824", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-824" }, { "reference_url": "https://security.archlinux.org/AVG-908", "reference_id": "AVG-908", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-908" }, { "reference_url": "https://security.gentoo.org/glsa/201904-07", "reference_id": "GLSA-201904-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201904-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-05", "reference_id": "mfsa2019-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-06", "reference_id": "mfsa2019-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3803", "reference_id": "RHSA-2018:3803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3803" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-18335" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-99dw-9mfj-9kge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212918?format=api", "vulnerability_id": "VCID-9c48-jz6g-8yh3", "summary": "Firefox will accept any registered Program ID as an external protocol handler and offer to launch this local application when given a matching URL on Windows operating systems. This should only happen if the program has specifically registered itself as a \"URL Handler\" in the Windows registry. *Note: This issue only affects Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9801.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9801.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9801", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50968", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.51099", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.51112", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.511", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9801" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1690682", "reference_id": "1690682", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1690682" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-07", "reference_id": "mfsa2019-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-08", "reference_id": "mfsa2019-08", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-11", "reference_id": "mfsa2019-11", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-11" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-9801" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9c48-jz6g-8yh3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9936?format=api", "vulnerability_id": "VCID-9qws-hebg-uqce", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38492.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38492.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38492", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61595", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61599", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61603", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61492", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38492" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2002118", "reference_id": "2002118", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2002118" }, { "reference_url": "https://security.archlinux.org/AVG-2351", "reference_id": "AVG-2351", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2351" }, { "reference_url": "https://security.archlinux.org/AVG-2353", "reference_id": "AVG-2353", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2353" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-38", "reference_id": "mfsa2021-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-38" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-39", "reference_id": "mfsa2021-39", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-39" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-40", "reference_id": "mfsa2021-40", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-40" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-41", "reference_id": "mfsa2021-41", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-41" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-42", "reference_id": "mfsa2021-42", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-42" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-38492" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9qws-hebg-uqce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/173664?format=api", "vulnerability_id": "VCID-9tac-6ypm-qydc", "summary": "A Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) Service that could be abused to grant Users write access to an arbitrary directory. This could have been used to escalate to SYSTEM access.<br>*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22753.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22753.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22753", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00362", "scoring_system": "epss", "scoring_elements": "0.58797", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00362", "scoring_system": "epss", "scoring_elements": "0.58682", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00362", "scoring_system": "epss", "scoring_elements": "0.58794", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00362", "scoring_system": "epss", "scoring_elements": "0.58808", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22753" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053241", "reference_id": "2053241", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053241" }, { "reference_url": "https://security.gentoo.org/glsa/202202-03", "reference_id": "GLSA-202202-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202202-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-04", "reference_id": "mfsa2022-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-04/", "reference_id": "mfsa2022-04", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:47:11Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-05", "reference_id": "mfsa2022-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-05/", "reference_id": "mfsa2022-05", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:47:11Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-06", "reference_id": "mfsa2022-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-06/", "reference_id": "mfsa2022-06", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:47:11Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-06/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1732435", "reference_id": "show_bug.cgi?id=1732435", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:47:11Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1732435" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-22753" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9tac-6ypm-qydc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75425?format=api", "vulnerability_id": "VCID-9tg8-5ktq-73ad", "summary": "Use-after-free in the Widget: Cocoa component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6759.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6759.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6759", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.2113", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.21148", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.21129", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20953", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6759" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460094", "reference_id": "2460094", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460094" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-32/", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-32/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-34/", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-34/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10757", "reference_id": "RHSA-2026:10757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10766", "reference_id": "RHSA-2026:10766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10767", "reference_id": "RHSA-2026:10767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12285", "reference_id": "RHSA-2026:12285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13537", "reference_id": "RHSA-2026:13537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15892", "reference_id": "RHSA-2026:15892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17477", "reference_id": "RHSA-2026:17477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17687", "reference_id": "RHSA-2026:17687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17688", "reference_id": "RHSA-2026:17688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17689", "reference_id": "RHSA-2026:17689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17690", "reference_id": "RHSA-2026:17690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19041", "reference_id": "RHSA-2026:19041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19131", "reference_id": "RHSA-2026:19131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19201", "reference_id": "RHSA-2026:19201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19461", "reference_id": "RHSA-2026:19461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19462", "reference_id": "RHSA-2026:19462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19463", "reference_id": "RHSA-2026:19463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19464", "reference_id": "RHSA-2026:19464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19465", "reference_id": "RHSA-2026:19465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19466", "reference_id": "RHSA-2026:19466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19467", "reference_id": "RHSA-2026:19467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19468", "reference_id": "RHSA-2026:19468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19469", "reference_id": "RHSA-2026:19469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19542", "reference_id": "RHSA-2026:19542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19655", "reference_id": "RHSA-2026:19655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19704", "reference_id": "RHSA-2026:19704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19704" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016164", "reference_id": "show_bug.cgi?id=2016164", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:08Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016164" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-6759" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9tg8-5ktq-73ad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1121?format=api", "vulnerability_id": "VCID-9tzr-adwz-rqa3", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2839.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2839.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2839", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73631", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73544", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73618", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73633", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2839" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1361977", "reference_id": "1361977", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1361977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2839", "reference_id": "CVE-2016-2839", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2839" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-65", "reference_id": "mfsa2016-65", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-65" }, { "reference_url": "https://usn.ubuntu.com/3044-1/", "reference_id": "USN-3044-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3044-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2839" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9tzr-adwz-rqa3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/183554?format=api", "vulnerability_id": "VCID-a3ub-hkr4-pydw", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5273.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5273.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5273", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00691", "scoring_system": "epss", "scoring_elements": "0.72375", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00691", "scoring_system": "epss", "scoring_elements": "0.72285", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00691", "scoring_system": "epss", "scoring_elements": "0.72368", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00691", "scoring_system": "epss", "scoring_elements": "0.72381", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5273" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377669", "reference_id": "1377669", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377669" }, { "reference_url": "https://security.archlinux.org/ASA-201609-22", "reference_id": "ASA-201609-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-22" }, { "reference_url": "https://security.archlinux.org/AVG-24", "reference_id": "AVG-24", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-24" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-85", "reference_id": "mfsa2016-85", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-85" }, { "reference_url": "https://usn.ubuntu.com/3076-1/", "reference_id": "USN-3076-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3076-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-5273" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a3ub-hkr4-pydw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212806?format=api", "vulnerability_id": "VCID-ae1p-hwkc-hfgf", "summary": "Mozilla Firefox before 3.6 is vulnerable to XSS via the rendering of Cascading Style Sheets", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2670", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47527", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47668", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47683", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47664", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2670" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-2670" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ae1p-hwkc-hfgf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/29889?format=api", "vulnerability_id": "VCID-afc5-httk-83bh", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4711.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4711.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4711", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07754", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07759", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07731", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07766", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4711" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450733", "reference_id": "2450733", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450733" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T16:25:02Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T16:25:02Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T16:25:02Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T16:25:02Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2017002", "reference_id": "show_bug.cgi?id=2017002", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T16:25:02Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2017002" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-4711" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-afc5-httk-83bh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3990?format=api", "vulnerability_id": "VCID-avqh-n6pe-dudy", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7825.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7825.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7825", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0171", "scoring_system": "epss", "scoring_elements": "0.82804", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0171", "scoring_system": "epss", "scoring_elements": "0.82807", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0171", "scoring_system": "epss", "scoring_elements": "0.82742", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0171", "scoring_system": "epss", "scoring_elements": "0.82811", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7825" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:N" }, { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1496657", "reference_id": "1496657", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1496657" }, { "reference_url": "https://security.gentoo.org/glsa/201803-14", "reference_id": "GLSA-201803-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-21", "reference_id": "mfsa2017-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-21" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-22", "reference_id": "mfsa2017-22", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-22" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-23", "reference_id": "mfsa2017-23", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-23" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-7825" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-avqh-n6pe-dudy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1506?format=api", "vulnerability_id": "VCID-ax2b-cu44-gfa3", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5255.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5255.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5255", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01098", "scoring_system": "epss", "scoring_elements": "0.78501", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01098", "scoring_system": "epss", "scoring_elements": "0.78423", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01098", "scoring_system": "epss", "scoring_elements": "0.7849", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01098", "scoring_system": "epss", "scoring_elements": "0.78505", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5255" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1361981", "reference_id": "1361981", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1361981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5255", "reference_id": "CVE-2016-5255", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5255" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-71", "reference_id": "mfsa2016-71", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-71" }, { "reference_url": "https://usn.ubuntu.com/3044-1/", "reference_id": "USN-3044-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3044-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-5255" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ax2b-cu44-gfa3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7394?format=api", "vulnerability_id": "VCID-az7u-88nn-yufu", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9794.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9794.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9794", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00576", "scoring_system": "epss", "scoring_elements": "0.6936", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00576", "scoring_system": "epss", "scoring_elements": "0.69268", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00576", "scoring_system": "epss", "scoring_elements": "0.69369", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00576", "scoring_system": "epss", "scoring_elements": "0.69372", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9794" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1690679", "reference_id": "1690679", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1690679" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-07", "reference_id": "mfsa2019-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-08", "reference_id": "mfsa2019-08", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-11", "reference_id": "mfsa2019-11", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-11" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-9794" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-az7u-88nn-yufu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212927?format=api", "vulnerability_id": "VCID-b2jd-cd1y-4qdy", "summary": "Given an installed malicious file picker application, an attacker was able to steal and upload local files of their choosing, regardless of the actually files picked. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.11.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15649.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15649.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15649", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37286", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37463", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37486", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37473", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15649" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1870408", "reference_id": "1870408", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1870408" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31", "reference_id": "mfsa2020-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-15649" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b2jd-cd1y-4qdy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/213152?format=api", "vulnerability_id": "VCID-b4xp-8f8v-sba9", "summary": "Mozilla Firefox before 25 allows modification of anonymous content of pluginProblem.xml binding", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-5594", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38503", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38676", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38698", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38688", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-5594" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-5594" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b4xp-8f8v-sba9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/140229?format=api", "vulnerability_id": "VCID-bawb-xauy-4kb4", "summary": "When `UpdateRegExpStatics` attempted to access `initialStringHeap` it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4577.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4577.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4577", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27716", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27727", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27702", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.275", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4577" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236075", "reference_id": "2236075", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236075" }, { "reference_url": "https://security.gentoo.org/glsa/202402-25", "reference_id": "GLSA-202402-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-25" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-34", "reference_id": "mfsa2023-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-34/", "reference_id": "mfsa2023-34", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-34/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-36", "reference_id": "mfsa2023-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-36" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-36/", "reference_id": "mfsa2023-36", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-36/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-38", "reference_id": "mfsa2023-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-38" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-38/", "reference_id": "mfsa2023-38", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-38/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4945", "reference_id": "RHSA-2023:4945", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4945" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4946", "reference_id": "RHSA-2023:4946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4946" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4947", "reference_id": "RHSA-2023:4947", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4947" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4948", "reference_id": "RHSA-2023:4948", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4948" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4949", "reference_id": "RHSA-2023:4949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4950", "reference_id": "RHSA-2023:4950", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4950" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4951", "reference_id": "RHSA-2023:4951", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4951" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4952", "reference_id": "RHSA-2023:4952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4954", "reference_id": "RHSA-2023:4954", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4954" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4955", "reference_id": "RHSA-2023:4955", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4956", "reference_id": "RHSA-2023:4956", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4956" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4957", "reference_id": "RHSA-2023:4957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4958", "reference_id": "RHSA-2023:4958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4959", "reference_id": "RHSA-2023:4959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5019", "reference_id": "RHSA-2023:5019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5019" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1847397", "reference_id": "show_bug.cgi?id=1847397", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:33Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1847397" }, { "reference_url": "https://usn.ubuntu.com/6320-1/", "reference_id": "USN-6320-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6320-1/" }, { "reference_url": "https://usn.ubuntu.com/6405-1/", "reference_id": "USN-6405-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6405-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/42184?format=api", "purl": "pkg:deb/debian/firefox-esr@115.2.0esr-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.2.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-4577" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bawb-xauy-4kb4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1088?format=api", "vulnerability_id": "VCID-bvx4-p3zv-hfb5", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2804.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2804.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2804", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00941", "scoring_system": "epss", "scoring_elements": "0.76696", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00941", "scoring_system": "epss", "scoring_elements": "0.76765", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00941", "scoring_system": "epss", "scoring_elements": "0.76778", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00941", "scoring_system": "epss", "scoring_elements": "0.76773", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2804" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330260", "reference_id": "1330260", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330260" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2804", "reference_id": "CVE-2016-2804", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2804" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-39", "reference_id": "mfsa2016-39", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-39" }, { "reference_url": "https://usn.ubuntu.com/2936-1/", "reference_id": "USN-2936-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2936-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2804" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bvx4-p3zv-hfb5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/140101?format=api", "vulnerability_id": "VCID-c2yr-56yz-1ye2", "summary": "Memory safety bugs present in Firefox 115, Firefox ESR 115.0, and Thunderbird 115.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 116, Firefox ESR < 115.1, and Thunderbird < 115.1.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4057.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4057.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4057", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.46067", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.46081", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.46074", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45929", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4057" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228371", "reference_id": "2228371", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228371" }, { "reference_url": "https://security.gentoo.org/glsa/202402-25", "reference_id": "GLSA-202402-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-25" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-29", "reference_id": "mfsa2023-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-29/", "reference_id": "mfsa2023-29", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-22T14:20:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-31", "reference_id": "mfsa2023-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-31" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-31/", "reference_id": "mfsa2023-31", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-22T14:20:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-31/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-33", "reference_id": "mfsa2023-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-33/", "reference_id": "mfsa2023-33", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-22T14:20:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-33/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4460", "reference_id": "RHSA-2023:4460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4460" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4461", "reference_id": "RHSA-2023:4461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4462", "reference_id": "RHSA-2023:4462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4463", "reference_id": "RHSA-2023:4463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4464", "reference_id": "RHSA-2023:4464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4465", "reference_id": "RHSA-2023:4465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4468", "reference_id": "RHSA-2023:4468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4469", "reference_id": "RHSA-2023:4469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4492", "reference_id": "RHSA-2023:4492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4493", "reference_id": "RHSA-2023:4493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4494", "reference_id": "RHSA-2023:4494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4495", "reference_id": "RHSA-2023:4495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4496", "reference_id": "RHSA-2023:4496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4497", "reference_id": "RHSA-2023:4497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4499", "reference_id": "RHSA-2023:4499", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4499" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4500", "reference_id": "RHSA-2023:4500", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4500" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1841682", "reference_id": "show_bug.cgi?id=1841682", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-22T14:20:29Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1841682" }, { "reference_url": "https://usn.ubuntu.com/6267-1/", "reference_id": "USN-6267-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6267-1/" }, { "reference_url": "https://usn.ubuntu.com/6405-1/", "reference_id": "USN-6405-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6405-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/42183?format=api", "purl": "pkg:deb/debian/firefox-esr@115.1.0esr-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.1.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-4057" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c2yr-56yz-1ye2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8519?format=api", "vulnerability_id": "VCID-cadd-un3y-yfh8", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35112.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35112.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-35112", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.65357", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.65366", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.65368", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.65257", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-35112" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1908028", "reference_id": "1908028", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1908028" }, { "reference_url": "https://security.archlinux.org/AVG-1364", "reference_id": "AVG-1364", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1364" }, { "reference_url": "https://security.archlinux.org/AVG-1366", "reference_id": "AVG-1366", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1366" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-54", "reference_id": "mfsa2020-54", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-54" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-55", "reference_id": "mfsa2020-55", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-55" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-56", "reference_id": "mfsa2020-56", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-56" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-35112" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cadd-un3y-yfh8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212831?format=api", "vulnerability_id": "VCID-crcu-7ms1-37hu", "summary": "The \"Mark of the Web\" was not correctly saved on Windows when files with very long names were downloaded from the Internet. Without the Mark of the Web data, the security warning that Windows displays before running executables downloaded from the Internet is not shown. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7765", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.66224", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.66235", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.66238", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.66131", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7765" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17", "reference_id": "mfsa2017-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-7765" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-crcu-7ms1-37hu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/183551?format=api", "vulnerability_id": "VCID-cxpj-n2cg-s3cx", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5260.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5260.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5260", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.70111", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.70201", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.70215", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.70213", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5260" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1361985", "reference_id": "1361985", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1361985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5260", "reference_id": "CVE-2016-5260", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5260" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-74", "reference_id": "mfsa2016-74", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-74" }, { "reference_url": "https://usn.ubuntu.com/3044-1/", "reference_id": "USN-3044-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3044-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-5260" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cxpj-n2cg-s3cx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/196992?format=api", "vulnerability_id": "VCID-cyke-6j3r-v7b9", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5388", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0128", "scoring_system": "epss", "scoring_elements": "0.79994", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0128", "scoring_system": "epss", "scoring_elements": "0.80057", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0128", "scoring_system": "epss", "scoring_elements": "0.80073", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0128", "scoring_system": "epss", "scoring_elements": "0.80066", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5388" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-5388" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cyke-6j3r-v7b9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1114?format=api", "vulnerability_id": "VCID-dfrh-bc49-eyc5", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2832.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2832.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2832", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00556", "scoring_system": "epss", "scoring_elements": "0.68607", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00556", "scoring_system": "epss", "scoring_elements": "0.68697", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00556", "scoring_system": "epss", "scoring_elements": "0.6871", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00556", "scoring_system": "epss", "scoring_elements": "0.68705", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2832" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342899", "reference_id": "1342899", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342899" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2832", "reference_id": "CVE-2016-2832", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2832" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-59", "reference_id": "mfsa2016-59", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-59" }, { "reference_url": "https://usn.ubuntu.com/2993-1/", "reference_id": "USN-2993-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2993-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2832" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dfrh-bc49-eyc5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/140336?format=api", "vulnerability_id": "VCID-dgw2-jdmf-aqbg", "summary": "Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4585.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4585.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4585", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42585", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42412", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42575", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42597", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4585" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236086", "reference_id": "2236086", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236086" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1751583%2C1841082%2C1847904%2C1848999", "reference_id": "buglist.cgi?bug_id=1751583%2C1841082%2C1847904%2C1848999", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T19:08:38Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1751583%2C1841082%2C1847904%2C1848999" }, { "reference_url": "https://security.gentoo.org/glsa/202402-25", "reference_id": "GLSA-202402-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-25" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-34", "reference_id": "mfsa2023-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-34/", "reference_id": "mfsa2023-34", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T19:08:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-34/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-36", "reference_id": "mfsa2023-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-36" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-36/", "reference_id": "mfsa2023-36", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T19:08:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-36/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-38", "reference_id": "mfsa2023-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-38" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-38/", "reference_id": "mfsa2023-38", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T19:08:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-38/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4945", "reference_id": "RHSA-2023:4945", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4945" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4946", "reference_id": "RHSA-2023:4946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4946" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4947", "reference_id": "RHSA-2023:4947", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4947" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4948", "reference_id": "RHSA-2023:4948", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4948" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4949", "reference_id": "RHSA-2023:4949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4950", "reference_id": "RHSA-2023:4950", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4950" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4951", "reference_id": "RHSA-2023:4951", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4951" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4952", "reference_id": "RHSA-2023:4952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4954", "reference_id": "RHSA-2023:4954", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4954" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4955", "reference_id": "RHSA-2023:4955", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4956", "reference_id": "RHSA-2023:4956", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4956" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4957", "reference_id": "RHSA-2023:4957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4958", "reference_id": "RHSA-2023:4958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4959", "reference_id": "RHSA-2023:4959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5019", "reference_id": "RHSA-2023:5019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5019" }, { "reference_url": "https://usn.ubuntu.com/6320-1/", "reference_id": "USN-6320-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6320-1/" }, { "reference_url": "https://usn.ubuntu.com/6405-1/", "reference_id": "USN-6405-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6405-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/42184?format=api", "purl": "pkg:deb/debian/firefox-esr@115.2.0esr-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.2.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-4585" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dgw2-jdmf-aqbg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22256?format=api", "vulnerability_id": "VCID-dtvp-4sje-77aq", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6600.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6600.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6600", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.3571", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35726", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35706", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35526", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6600" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296635", "reference_id": "2296635", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296635" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-29/", "reference_id": "mfsa2024-29", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T16:08:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-30", "reference_id": "mfsa2024-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-30/", "reference_id": "mfsa2024-30", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T16:08:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-31", "reference_id": "mfsa2024-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-31" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-31/", "reference_id": "mfsa2024-31", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T16:08:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-31/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-32/", "reference_id": "mfsa2024-32", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T16:08:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-32/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1888340", "reference_id": "show_bug.cgi?id=1888340", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T16:08:57Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1888340" }, { "reference_url": "https://usn.ubuntu.com/6903-1/", "reference_id": "USN-6903-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6903-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-6600" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dtvp-4sje-77aq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1514?format=api", "vulnerability_id": "VCID-eahm-z1n9-fqb2", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5266.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5266.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5266", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00428", "scoring_system": "epss", "scoring_elements": "0.62982", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00428", "scoring_system": "epss", "scoring_elements": "0.62872", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00428", "scoring_system": "epss", "scoring_elements": "0.62974", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00428", "scoring_system": "epss", "scoring_elements": "0.62986", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5266" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1361995", "reference_id": "1361995", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1361995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5266", "reference_id": "CVE-2016-5266", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5266" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-81", "reference_id": "mfsa2016-81", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-81" }, { "reference_url": "https://usn.ubuntu.com/3044-1/", "reference_id": "USN-3044-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3044-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-5266" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eahm-z1n9-fqb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212851?format=api", "vulnerability_id": "VCID-efpd-eftr-xkgq", "summary": "A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Thunderbird < 52.5.2, Firefox ESR < 52.5.2, and Firefox < 57.0.2.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7845", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00763", "scoring_system": "epss", "scoring_elements": "0.73858", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00763", "scoring_system": "epss", "scoring_elements": "0.73932", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00763", "scoring_system": "epss", "scoring_elements": "0.73947", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7845" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-28", "reference_id": "mfsa2017-28", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-28" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-29", "reference_id": "mfsa2017-29", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-29" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-30", "reference_id": "mfsa2017-30", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-30" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-7845" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-efpd-eftr-xkgq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/122371?format=api", "vulnerability_id": "VCID-euqv-uj9v-myd4", "summary": "Insufficient escaping in the “Copy as cURL” feature could have been used to trick a user into executing unexpected code on Windows. This did not affect the application when running on other operating systems. This vulnerability was fixed in Firefox 144, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11713.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11713.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11713", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12832", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12918", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12938", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12927", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11713" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403767", "reference_id": "2403767", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403767" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-81/", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-81/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-83/", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-83/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-84/", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-84/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-85/", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-85/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1986142", "reference_id": "show_bug.cgi?id=1986142", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:18Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1986142" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-11713" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-euqv-uj9v-myd4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1093?format=api", "vulnerability_id": "VCID-ew9s-af72-vbgf", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2809.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2809.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2809", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.63904", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.64006", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.6402", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.64018", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2809" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:N/I:P/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330272", "reference_id": "1330272", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330272" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2809", "reference_id": "CVE-2016-2809", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2809" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-40", "reference_id": "mfsa2016-40", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-40" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2809" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ew9s-af72-vbgf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30166?format=api", "vulnerability_id": "VCID-ex3t-fz3u-k3dw", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8949", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19681", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19707", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19685", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19512", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8949" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-46/", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:05:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-48/", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:05:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-48/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-50/", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:05:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-50/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-51/", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:05:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-51/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1355639", "reference_id": "show_bug.cgi?id=1355639", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:05:21Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1355639" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-8949" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ex3t-fz3u-k3dw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9391?format=api", "vulnerability_id": "VCID-f797-j2z7-vygg", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29951.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29951.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29951", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00487", "scoring_system": "epss", "scoring_elements": "0.65982", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00487", "scoring_system": "epss", "scoring_elements": "0.65992", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00487", "scoring_system": "epss", "scoring_elements": "0.65886", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00487", "scoring_system": "epss", "scoring_elements": "0.65996", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29951" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1961505", "reference_id": "1961505", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1961505" }, { "reference_url": "https://security.archlinux.org/AVG-1914", "reference_id": "AVG-1914", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1914" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-10", "reference_id": "mfsa2021-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-18", "reference_id": "mfsa2021-18", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-19", "reference_id": "mfsa2021-19", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-19" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-29951" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f797-j2z7-vygg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/183556?format=api", "vulnerability_id": "VCID-fakd-5xdv-6khm", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5279.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5279.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5279", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00375", "scoring_system": "epss", "scoring_elements": "0.59645", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00375", "scoring_system": "epss", "scoring_elements": "0.59535", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00375", "scoring_system": "epss", "scoring_elements": "0.59643", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00375", "scoring_system": "epss", "scoring_elements": "0.59655", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5279" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377673", "reference_id": "1377673", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377673" }, { "reference_url": "https://security.archlinux.org/ASA-201609-22", "reference_id": "ASA-201609-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-22" }, { "reference_url": "https://security.archlinux.org/AVG-24", "reference_id": "AVG-24", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-24" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-85", "reference_id": "mfsa2016-85", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-85" }, { "reference_url": "https://usn.ubuntu.com/3076-1/", "reference_id": "USN-3076-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3076-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-5279" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fakd-5xdv-6khm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1117?format=api", "vulnerability_id": "VCID-fas9-7nxh-sqdm", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2835.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2835.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2835", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00583", "scoring_system": "epss", "scoring_elements": "0.69573", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00583", "scoring_system": "epss", "scoring_elements": "0.69472", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00583", "scoring_system": "epss", "scoring_elements": "0.69563", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00583", "scoring_system": "epss", "scoring_elements": "0.69575", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2835" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1361975", "reference_id": "1361975", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1361975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2835", "reference_id": "CVE-2016-2835", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2835" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-62", "reference_id": "mfsa2016-62", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-62" }, { "reference_url": "https://usn.ubuntu.com/3044-1/", "reference_id": "USN-3044-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3044-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2835" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fas9-7nxh-sqdm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1104?format=api", "vulnerability_id": "VCID-fkuq-39pg-nyfu", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2820.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2820.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2820", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00421", "scoring_system": "epss", "scoring_elements": "0.62419", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00421", "scoring_system": "epss", "scoring_elements": "0.6252", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00421", "scoring_system": "epss", "scoring_elements": "0.62532", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00421", "scoring_system": "epss", "scoring_elements": "0.62527", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2820" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330287", "reference_id": "1330287", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330287" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2820", "reference_id": "CVE-2016-2820", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2820" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-48", "reference_id": "mfsa2016-48", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-48" }, { "reference_url": "https://usn.ubuntu.com/2936-1/", "reference_id": "USN-2936-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2936-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2820" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fkuq-39pg-nyfu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/173549?format=api", "vulnerability_id": "VCID-fv38-hp3r-33c9", "summary": "The constructed curl command from the \"Copy as curl\" feature in DevTools was not properly escaped for PowerShell. This could have lead to command injection if pasted into a Powershell prompt.<br>*This bug only affects Thunderbird for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22744.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22744.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22744", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68731", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68631", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68723", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68737", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22744" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039571", "reference_id": "2039571", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039571" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-01/", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T15:10:40Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-02/", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T15:10:40Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-03/", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T15:10:40Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-03/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1737252", "reference_id": "show_bug.cgi?id=1737252", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T15:10:40Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1737252" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-22744" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fv38-hp3r-33c9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/183549?format=api", "vulnerability_id": "VCID-fvcc-gkw1-ffg4", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5253", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18523", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18686", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18703", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.1868", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5253" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5253", "reference_id": "CVE-2016-5253", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5253" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-69", "reference_id": "mfsa2016-69", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-69" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-5253" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fvcc-gkw1-ffg4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/196996?format=api", "vulnerability_id": "VCID-fw7b-ynyy-h3hf", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5382", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00957", "scoring_system": "epss", "scoring_elements": "0.76882", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00957", "scoring_system": "epss", "scoring_elements": "0.76952", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00957", "scoring_system": "epss", "scoring_elements": "0.76967", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00957", "scoring_system": "epss", "scoring_elements": "0.7696", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5382" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-5382" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fw7b-ynyy-h3hf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/183559?format=api", "vulnerability_id": "VCID-fzph-s5ph-9fgh", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5293", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21929", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.22118", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.22129", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.22104", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5293" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89", "reference_id": "mfsa2016-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90", "reference_id": "mfsa2016-90", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-5293" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fzph-s5ph-9fgh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212804?format=api", "vulnerability_id": "VCID-g29f-ym68-yyby", "summary": "Mozilla Firefox through 1.5.0.3 has a vulnerability in processing the content-length header", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2668", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60932", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.61038", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.61047", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.61045", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2668" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-2668" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g29f-ym68-yyby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/213283?format=api", "vulnerability_id": "VCID-gvdh-dc21-fbcd", "summary": "Mozilla community member Philipp reported a memory safety bug present in Firefox 68 when 360 Total Security was installed. This bug showed evidence of memory corruption in the accessibility engine and we presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox < 69, Thunderbird < 68.2, and Firefox ESR < 68.2.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11758.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11758.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11758", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00812", "scoring_system": "epss", "scoring_elements": "0.74689", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00812", "scoring_system": "epss", "scoring_elements": "0.74759", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00812", "scoring_system": "epss", "scoring_elements": "0.74772", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00812", "scoring_system": "epss", "scoring_elements": "0.74769", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11758" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764439", "reference_id": "1764439", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764439" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-25", "reference_id": "mfsa2019-25", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-25" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-33", "reference_id": "mfsa2019-33", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-33" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-35", "reference_id": "mfsa2019-35", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-35" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3193", "reference_id": "RHSA-2019:3193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3196", "reference_id": "RHSA-2019:3196", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3196" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3210", "reference_id": "RHSA-2019:3210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3237", "reference_id": "RHSA-2019:3237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3281", "reference_id": "RHSA-2019:3281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3756", "reference_id": "RHSA-2019:3756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3756" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11758" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gvdh-dc21-fbcd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12303?format=api", "vulnerability_id": "VCID-h6bb-zetn-7qha", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38477.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38477.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-38477", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.42108", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.42117", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.42096", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.41933", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-38477" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2120695", "reference_id": "2120695", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2120695" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1760611%2C1770219%2C1771159%2C1773363", "reference_id": "buglist.cgi?bug_id=1760611%2C1770219%2C1771159%2C1773363", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:21:30Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1760611%2C1770219%2C1771159%2C1773363" }, { "reference_url": "https://security.gentoo.org/glsa/202208-37", "reference_id": "GLSA-202208-37", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-37" }, { "reference_url": "https://security.gentoo.org/glsa/202208-38", "reference_id": "GLSA-202208-38", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-38" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-33", "reference_id": "mfsa2022-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-33/", "reference_id": "mfsa2022-33", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:21:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-34", "reference_id": "mfsa2022-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-34/", "reference_id": "mfsa2022-34", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:21:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-34/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-36", "reference_id": "mfsa2022-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-36" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-36/", "reference_id": "mfsa2022-36", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:21:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-36/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6164", "reference_id": "RHSA-2022:6164", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6165", "reference_id": "RHSA-2022:6165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6166", "reference_id": "RHSA-2022:6166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6167", "reference_id": "RHSA-2022:6167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6168", "reference_id": "RHSA-2022:6168", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6168" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6169", "reference_id": "RHSA-2022:6169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6174", "reference_id": "RHSA-2022:6174", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6174" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6175", "reference_id": "RHSA-2022:6175", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6176", "reference_id": "RHSA-2022:6176", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6176" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6177", "reference_id": "RHSA-2022:6177", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6178", "reference_id": "RHSA-2022:6178", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6178" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6179", "reference_id": "RHSA-2022:6179", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6179" }, { "reference_url": "https://usn.ubuntu.com/5581-1/", "reference_id": "USN-5581-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5581-1/" }, { "reference_url": "https://usn.ubuntu.com/5663-1/", "reference_id": "USN-5663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/42157?format=api", "purl": "pkg:deb/debian/firefox-esr@102.2.0esr-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@102.2.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-38477" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h6bb-zetn-7qha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/23422?format=api", "vulnerability_id": "VCID-hdwa-pyqr-yfg7", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2817.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2817.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-2817", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30136", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30154", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30137", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.29941", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-2817" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362902", "reference_id": "2362902", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362902" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-28", "reference_id": "mfsa2025-28", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-28" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-28/", "reference_id": "mfsa2025-28", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-28/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-29", "reference_id": "mfsa2025-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-29/", "reference_id": "mfsa2025-29", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-30", "reference_id": "mfsa2025-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-30/", "reference_id": "mfsa2025-30", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-31", "reference_id": "mfsa2025-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-31" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-31/", "reference_id": "mfsa2025-31", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-31/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-32", "reference_id": "mfsa2025-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-32/", "reference_id": "mfsa2025-32", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-32/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4443", "reference_id": "RHSA-2025:4443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4458", "reference_id": "RHSA-2025:4458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4460", "reference_id": "RHSA-2025:4460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4460" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4751", "reference_id": "RHSA-2025:4751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4751" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4752", "reference_id": "RHSA-2025:4752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4753", "reference_id": "RHSA-2025:4753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4756", "reference_id": "RHSA-2025:4756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4797", "reference_id": "RHSA-2025:4797", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4797" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7428", "reference_id": "RHSA-2025:7428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7506", "reference_id": "RHSA-2025:7506", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7506" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7507", "reference_id": "RHSA-2025:7507", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7507" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7543", "reference_id": "RHSA-2025:7543", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7543" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7544", "reference_id": "RHSA-2025:7544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7545", "reference_id": "RHSA-2025:7545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7547", "reference_id": "RHSA-2025:7547", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7547" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7689", "reference_id": "RHSA-2025:7689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7690", "reference_id": "RHSA-2025:7690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7691", "reference_id": "RHSA-2025:7691", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7691" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7692", "reference_id": "RHSA-2025:7692", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7692" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7693", "reference_id": "RHSA-2025:7693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7694", "reference_id": "RHSA-2025:7694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7695", "reference_id": "RHSA-2025:7695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7695" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1917536", "reference_id": "show_bug.cgi?id=1917536", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:27Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1917536" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-2817" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hdwa-pyqr-yfg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/129415?format=api", "vulnerability_id": "VCID-hf1g-dar6-jya3", "summary": "Members of the <code>DEVMODEW</code> struct set by the printer device driver weren't being validated and could have resulted in invalid values which in turn would cause the browser to attempt out of bounds access to related variables.<br>*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25738.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25738.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25738", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.60531", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.60421", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.60528", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.60539", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25738" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170380", "reference_id": "2170380", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170380" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T20:08:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T20:08:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T20:08:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1811852", "reference_id": "show_bug.cgi?id=1811852", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T20:08:20Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1811852" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-25738" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hf1g-dar6-jya3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2034?format=api", "vulnerability_id": "VCID-hmte-nu6a-bffg", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9070.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9070.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9070", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00688", "scoring_system": "epss", "scoring_elements": "0.72312", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00688", "scoring_system": "epss", "scoring_elements": "0.72319", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00688", "scoring_system": "epss", "scoring_elements": "0.72229", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00688", "scoring_system": "epss", "scoring_elements": "0.72325", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9070" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1396549", "reference_id": "1396549", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1396549" }, { "reference_url": "https://security.archlinux.org/ASA-201611-16", "reference_id": "ASA-201611-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-16" }, { "reference_url": "https://security.archlinux.org/AVG-72", "reference_id": "AVG-72", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-72" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89", "reference_id": "mfsa2016-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89" }, { "reference_url": "https://usn.ubuntu.com/3124-1/", "reference_id": "USN-3124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3124-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-9070" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hmte-nu6a-bffg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22672?format=api", "vulnerability_id": "VCID-hqyw-9adf-t3cq", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1930.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1930.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1930", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.57375", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.57383", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.57369", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.5725", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1930" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2349787", "reference_id": "2349787", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2349787" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-14", "reference_id": "mfsa2025-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-14/", "reference_id": "mfsa2025-14", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-05T16:42:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-15", "reference_id": "mfsa2025-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-15/", "reference_id": "mfsa2025-15", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-05T16:42:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-16", "reference_id": "mfsa2025-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-16/", "reference_id": "mfsa2025-16", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-05T16:42:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-17", "reference_id": "mfsa2025-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-17/", "reference_id": "mfsa2025-17", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-05T16:42:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-17/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-18", "reference_id": "mfsa2025-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-18/", "reference_id": "mfsa2025-18", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-05T16:42:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-18/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2359", "reference_id": "RHSA-2025:2359", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2359" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2452", "reference_id": "RHSA-2025:2452", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2452" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2479", "reference_id": "RHSA-2025:2479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2480", "reference_id": "RHSA-2025:2480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2481", "reference_id": "RHSA-2025:2481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2484", "reference_id": "RHSA-2025:2484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2485", "reference_id": "RHSA-2025:2485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2486", "reference_id": "RHSA-2025:2486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2699", "reference_id": "RHSA-2025:2699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2708", "reference_id": "RHSA-2025:2708", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2708" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1902309", "reference_id": "show_bug.cgi?id=1902309", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-05T16:42:08Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1902309" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-1930" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hqyw-9adf-t3cq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2039?format=api", "vulnerability_id": "VCID-hrda-g2rz-kbcu", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9076.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9076.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9076", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67659", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67669", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67569", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67672", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9076" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1396537", "reference_id": "1396537", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1396537" }, { "reference_url": "https://security.archlinux.org/ASA-201611-16", "reference_id": "ASA-201611-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-16" }, { "reference_url": "https://security.archlinux.org/AVG-72", "reference_id": "AVG-72", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-72" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89", "reference_id": "mfsa2016-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89" }, { "reference_url": "https://usn.ubuntu.com/3124-1/", "reference_id": "USN-3124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3124-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-9076" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hrda-g2rz-kbcu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/196997?format=api", "vulnerability_id": "VCID-hwrp-yjtx-23d4", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5381", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01264", "scoring_system": "epss", "scoring_elements": "0.79852", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01264", "scoring_system": "epss", "scoring_elements": "0.79916", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01264", "scoring_system": "epss", "scoring_elements": "0.79934", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01264", "scoring_system": "epss", "scoring_elements": "0.79926", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5381" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-5381" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hwrp-yjtx-23d4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/173644?format=api", "vulnerability_id": "VCID-j1xm-2sbn-sudh", "summary": "A race condition could have allowed bypassing the fullscreen notification which could have lead to a fullscreen window spoof being unnoticed.<br>*This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22746.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22746.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22746", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33312", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33136", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33318", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33337", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22746" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039560", "reference_id": "2039560", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039560" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-01/", "reference_id": "mfsa2022-01", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:59:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-02/", "reference_id": "mfsa2022-02", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:59:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-03/", "reference_id": "mfsa2022-03", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:59:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-03/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1735071", "reference_id": "show_bug.cgi?id=1735071", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:59:19Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1735071" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-22746" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j1xm-2sbn-sudh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/139975?format=api", "vulnerability_id": "VCID-jcek-pgfg-g3b2", "summary": "The Firefox updater created a directory writable by non-privileged users. When uninstalling Firefox, any files in that directory would be recursively deleted with the permissions of the uninstalling user account. This could be combined with creation of a junction (a form of symbolic link) to allow arbitrary file deletion controlled by the non-privileged user. \n*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116, Firefox ESR < 115.1, and Thunderbird < 115.1.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4052.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4052.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4052", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41017", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.4103", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41008", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40841", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4052" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228369", "reference_id": "2228369", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228369" }, { "reference_url": "https://security.gentoo.org/glsa/202402-25", "reference_id": "GLSA-202402-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-25" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-29", "reference_id": "mfsa2023-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-29/", "reference_id": "mfsa2023-29", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:38:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-31", "reference_id": "mfsa2023-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-31" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-31/", "reference_id": "mfsa2023-31", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:38:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-31/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-33", "reference_id": "mfsa2023-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-33/", "reference_id": "mfsa2023-33", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:38:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-33/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1824420", "reference_id": "show_bug.cgi?id=1824420", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:38:55Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1824420" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-4052" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jcek-pgfg-g3b2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1111?format=api", "vulnerability_id": "VCID-jh3p-5484-x7f6", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2829.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2829.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2829", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65637", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65735", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65746", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65742", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2829" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342896", "reference_id": "1342896", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342896" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2829", "reference_id": "CVE-2016-2829", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2829" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-57", "reference_id": "mfsa2016-57", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-57" }, { "reference_url": "https://usn.ubuntu.com/2993-1/", "reference_id": "USN-2993-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2993-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2829" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jh3p-5484-x7f6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212825?format=api", "vulnerability_id": "VCID-js3c-u28q-5fe9", "summary": "The Firefox installer on Windows can be made to load malicious DLL files stored in the same directory as the installer when it is run. This allows privileged execution if the installer is run with elevated privileges. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7755", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00765", "scoring_system": "epss", "scoring_elements": "0.73886", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00765", "scoring_system": "epss", "scoring_elements": "0.7396", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00765", "scoring_system": "epss", "scoring_elements": "0.73975", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7755" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17", "reference_id": "mfsa2017-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-7755" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-js3c-u28q-5fe9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212830?format=api", "vulnerability_id": "VCID-juvv-bxfh-hygj", "summary": "Default fonts on OS X display some Tibetan characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7763", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00509", "scoring_system": "epss", "scoring_elements": "0.66896", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00509", "scoring_system": "epss", "scoring_elements": "0.66911", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00509", "scoring_system": "epss", "scoring_elements": "0.6691", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00509", "scoring_system": "epss", "scoring_elements": "0.66803", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7763" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17", "reference_id": "mfsa2017-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-7763" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-juvv-bxfh-hygj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1108?format=api", "vulnerability_id": "VCID-jxb4-15n9-ffar", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2825.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2825.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2825", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00682", "scoring_system": "epss", "scoring_elements": "0.7211", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00682", "scoring_system": "epss", "scoring_elements": "0.72194", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00682", "scoring_system": "epss", "scoring_elements": "0.72206", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00682", "scoring_system": "epss", "scoring_elements": "0.72201", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2825" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342894", "reference_id": "1342894", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342894" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2825", "reference_id": "CVE-2016-2825", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2825" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-54", "reference_id": "mfsa2016-54", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-54" }, { "reference_url": "https://usn.ubuntu.com/2993-1/", "reference_id": "USN-2993-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2993-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2825" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jxb4-15n9-ffar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2038?format=api", "vulnerability_id": "VCID-jz3y-h3au-f7ba", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9075.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9075.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9075", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02551", "scoring_system": "epss", "scoring_elements": "0.85862", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.02551", "scoring_system": "epss", "scoring_elements": "0.85866", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.02551", "scoring_system": "epss", "scoring_elements": "0.85813", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.02551", "scoring_system": "epss", "scoring_elements": "0.85873", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9075" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:S/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395101", "reference_id": "1395101", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395101" }, { "reference_url": "https://security.archlinux.org/ASA-201611-16", "reference_id": "ASA-201611-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-16" }, { "reference_url": "https://security.archlinux.org/AVG-72", "reference_id": "AVG-72", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-72" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89", "reference_id": "mfsa2016-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89" }, { "reference_url": "https://usn.ubuntu.com/3124-1/", "reference_id": "USN-3124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3124-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-9075" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jz3y-h3au-f7ba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18073?format=api", "vulnerability_id": "VCID-kcvg-277x-pugb", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11693.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11693.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11693", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60802", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.6081", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60695", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60801", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11693" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328949", "reference_id": "2328949", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328949" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-63/", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:32:54Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-63/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-64/", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:32:54Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-64/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-67/", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:32:54Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-67/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-68/", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:32:54Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-68/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1921458", "reference_id": "show_bug.cgi?id=1921458", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:32:54Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1921458" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-11693" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kcvg-277x-pugb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/140146?format=api", "vulnerability_id": "VCID-kfbc-sdkf-jfgx", "summary": "When calling `JS::CheckRegExpSyntax` a Syntax Error could have been set which would end in calling `convertToRuntimeErrorAndClear`. A path in the function could attempt to allocate memory when none is available which would have caused a newly created Out of Memory exception to be mishandled as a Syntax Error. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4578.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4578.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4578", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.29091", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.29104", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.29085", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.28883", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4578" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236077", "reference_id": "2236077", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236077" }, { "reference_url": "https://security.gentoo.org/glsa/202402-25", "reference_id": "GLSA-202402-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-25" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-34", "reference_id": "mfsa2023-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-34/", "reference_id": "mfsa2023-34", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-34/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-36", "reference_id": "mfsa2023-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-36" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-36/", "reference_id": "mfsa2023-36", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-36/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-38", "reference_id": "mfsa2023-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-38" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-38/", "reference_id": "mfsa2023-38", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-38/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4945", "reference_id": "RHSA-2023:4945", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4945" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4946", "reference_id": "RHSA-2023:4946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4946" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4947", "reference_id": "RHSA-2023:4947", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4947" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4948", "reference_id": "RHSA-2023:4948", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4948" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4949", "reference_id": "RHSA-2023:4949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4950", "reference_id": "RHSA-2023:4950", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4950" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4951", "reference_id": "RHSA-2023:4951", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4951" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4952", "reference_id": "RHSA-2023:4952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4954", "reference_id": "RHSA-2023:4954", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4954" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4955", "reference_id": "RHSA-2023:4955", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4956", "reference_id": "RHSA-2023:4956", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4956" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4957", "reference_id": "RHSA-2023:4957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4958", "reference_id": "RHSA-2023:4958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4959", "reference_id": "RHSA-2023:4959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5019", "reference_id": "RHSA-2023:5019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5019" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1839007", "reference_id": "show_bug.cgi?id=1839007", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:09Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1839007" }, { "reference_url": "https://usn.ubuntu.com/6320-1/", "reference_id": "USN-6320-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6320-1/" }, { "reference_url": "https://usn.ubuntu.com/6405-1/", "reference_id": "USN-6405-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6405-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/42184?format=api", "purl": "pkg:deb/debian/firefox-esr@115.2.0esr-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.2.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-4578" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kfbc-sdkf-jfgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/183560?format=api", "vulnerability_id": "VCID-kkz5-sjbf-7fcf", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5294", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.22129", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.22104", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21929", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.22118", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5294" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89", "reference_id": "mfsa2016-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90", "reference_id": "mfsa2016-90", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-93", "reference_id": "mfsa2016-93", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-93" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-5294" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kkz5-sjbf-7fcf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6298?format=api", "vulnerability_id": "VCID-ksh4-qrvt-pbcz", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13722.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13722.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13722", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00356", "scoring_system": "epss", "scoring_elements": "0.5836", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00356", "scoring_system": "epss", "scoring_elements": "0.58248", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00356", "scoring_system": "epss", "scoring_elements": "0.58364", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00356", "scoring_system": "epss", "scoring_elements": "0.58376", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13722" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1779432", "reference_id": "1779432", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1779432" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-36", "reference_id": "mfsa2019-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-36" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-37", "reference_id": "mfsa2019-37", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-37" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-38", "reference_id": "mfsa2019-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-38" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-13722" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ksh4-qrvt-pbcz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212834?format=api", "vulnerability_id": "VCID-kygy-bdda-cucb", "summary": "The Mozilla Maintenance Service can be invoked by an unprivileged user to overwrite arbitrary files with junk data using the Mozilla Windows Updater, which runs with the Maintenance Service's privileged access. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. This vulnerability affects Firefox ESR < 52.2 and Firefox < 54.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7767", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33502", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33682", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33704", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33679", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7767" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-7767" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kygy-bdda-cucb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/196989?format=api", "vulnerability_id": "VCID-m2tg-m821-7ka7", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5393", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00466", "scoring_system": "epss", "scoring_elements": "0.6486", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00466", "scoring_system": "epss", "scoring_elements": "0.6496", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00466", "scoring_system": "epss", "scoring_elements": "0.64973", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00466", "scoring_system": "epss", "scoring_elements": "0.64968", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5393" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-5393" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m2tg-m821-7ka7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6121?format=api", "vulnerability_id": "VCID-m44c-6w2a-qfgs", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11736.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11736.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11736", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18158", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.1815", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18175", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11736" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1748662", "reference_id": "1748662", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1748662" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-25", "reference_id": "mfsa2019-25", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-25" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-26", "reference_id": "mfsa2019-26", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-26" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11736" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m44c-6w2a-qfgs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/196993?format=api", "vulnerability_id": "VCID-m7bj-3gpe-ryhb", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5387", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31469", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.3166", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31678", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31661", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5387" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-5387" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m7bj-3gpe-ryhb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/126150?format=api", "vulnerability_id": "VCID-mezt-n3md-k3bt", "summary": "Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape. \nThe original vulnerability was being exploited in the wild. \n*This only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability was fixed in Firefox 136.0.4, Firefox ESR 128.8.1, and Firefox ESR 115.21.1.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2857.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2857.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-2857", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42364", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42538", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42549", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42527", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-2857" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355327", "reference_id": "2355327", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355327" }, { "reference_url": "https://issues.chromium.org/issues/405143032", "reference_id": "405143032", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-28T15:23:40Z/" } ], "url": "https://issues.chromium.org/issues/405143032" }, { "reference_url": "https://www.cve.org/CVERecord?id=CVE-2025-2783", "reference_id": "CVERecord?id=CVE-2025-2783", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-28T15:23:40Z/" } ], "url": "https://www.cve.org/CVERecord?id=CVE-2025-2783" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-19", "reference_id": "mfsa2025-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-19" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-19/", "reference_id": "mfsa2025-19", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-28T15:23:40Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-19/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1956398", "reference_id": "show_bug.cgi?id=1956398", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-28T15:23:40Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1956398" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-2857" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mezt-n3md-k3bt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212816?format=api", "vulnerability_id": "VCID-mjuu-r5ph-f7hg", "summary": "When a new Firefox profile is created on 64-bit Windows installations, the sandbox for 64-bit NPAPI plugins is not enabled by default. Note: This issue only affects 64-bit Windows. 32-bit Windows and other operating systems are unaffected. This vulnerability affects Firefox < 50.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9072", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.59179", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.59291", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.59304", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.59295", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9072" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89", "reference_id": "mfsa2016-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-9072" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mjuu-r5ph-f7hg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2036?format=api", "vulnerability_id": "VCID-mpc6-cgfn-m3dj", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9073.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9073.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9073", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00807", "scoring_system": "epss", "scoring_elements": "0.74677", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00807", "scoring_system": "epss", "scoring_elements": "0.74689", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00807", "scoring_system": "epss", "scoring_elements": "0.74606", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00807", "scoring_system": "epss", "scoring_elements": "0.74691", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9073" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1396545", "reference_id": "1396545", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1396545" }, { "reference_url": "https://security.archlinux.org/ASA-201611-16", "reference_id": "ASA-201611-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-16" }, { "reference_url": "https://security.archlinux.org/AVG-72", "reference_id": "AVG-72", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-72" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89", "reference_id": "mfsa2016-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89" }, { "reference_url": "https://usn.ubuntu.com/3124-1/", "reference_id": "USN-3124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3124-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-9073" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mpc6-cgfn-m3dj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/183550?format=api", "vulnerability_id": "VCID-mpp4-8d5x-bqd1", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5256.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5256.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5256", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0171", "scoring_system": "epss", "scoring_elements": "0.82808", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0171", "scoring_system": "epss", "scoring_elements": "0.82743", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0171", "scoring_system": "epss", "scoring_elements": "0.82805", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0171", "scoring_system": "epss", "scoring_elements": "0.82812", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5256" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377666", "reference_id": "1377666", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377666" }, { "reference_url": "https://security.archlinux.org/ASA-201609-22", "reference_id": "ASA-201609-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-22" }, { "reference_url": "https://security.archlinux.org/AVG-24", "reference_id": "AVG-24", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-24" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-85", "reference_id": "mfsa2016-85", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-85" }, { "reference_url": "https://usn.ubuntu.com/3076-1/", "reference_id": "USN-3076-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3076-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-5256" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mpp4-8d5x-bqd1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/183557?format=api", "vulnerability_id": "VCID-mrsd-y1rc-8ue4", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5282.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5282.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5282", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60808", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60701", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60807", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60817", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5282" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377675", "reference_id": "1377675", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377675" }, { "reference_url": "https://security.archlinux.org/ASA-201609-22", "reference_id": "ASA-201609-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-22" }, { "reference_url": "https://security.archlinux.org/AVG-24", "reference_id": "AVG-24", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-24" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-85", "reference_id": "mfsa2016-85", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-85" }, { "reference_url": "https://usn.ubuntu.com/3076-1/", "reference_id": "USN-3076-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3076-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-5282" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mrsd-y1rc-8ue4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1099?format=api", "vulnerability_id": "VCID-n789-s7yc-cued", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2815.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2815.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2815", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49793", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49929", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49948", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49934", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2815" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342890", "reference_id": "1342890", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342890" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2815", "reference_id": "CVE-2016-2815", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2815" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-49", "reference_id": "mfsa2016-49", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-49" }, { "reference_url": "https://usn.ubuntu.com/2993-1/", "reference_id": "USN-2993-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2993-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2815" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n789-s7yc-cued" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/140541?format=api", "vulnerability_id": "VCID-nhn5-tjfq-buf9", "summary": "Similar to CVE-2023-28163, this time when choosing 'Save Link As', suggested filenames containing environment variable names would have resolved those in the context of the current user. \n\n*This bug only affects Firefox and Thunderbird on Windows. Other versions of Firefox and Thunderbird are unaffected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29545.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29545.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29545", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00367", "scoring_system": "epss", "scoring_elements": "0.59161", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00367", "scoring_system": "epss", "scoring_elements": "0.59046", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00367", "scoring_system": "epss", "scoring_elements": "0.59159", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00367", "scoring_system": "epss", "scoring_elements": "0.5917", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29545" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186108", "reference_id": "2186108", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186108" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-13/", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:48:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-14/", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:48:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-15/", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:48:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-15/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1823077", "reference_id": "show_bug.cgi?id=1823077", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:48:18Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1823077" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-29545" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nhn5-tjfq-buf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/25259?format=api", "vulnerability_id": "VCID-nkbh-m94m-y3ax", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4082.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4082.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4082", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39374", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39385", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39361", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.3919", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4082" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362903", "reference_id": "2362903", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362903" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-28", "reference_id": "mfsa2025-28", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-28" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-28/", "reference_id": "mfsa2025-28", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:28Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-28/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-29", "reference_id": "mfsa2025-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-29/", "reference_id": "mfsa2025-29", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:28Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-30", "reference_id": "mfsa2025-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-30/", "reference_id": "mfsa2025-30", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:28Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-31", "reference_id": "mfsa2025-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-31" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-31/", "reference_id": "mfsa2025-31", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:28Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-31/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-32", "reference_id": "mfsa2025-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-32/", "reference_id": "mfsa2025-32", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:28Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-32/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1937097", "reference_id": "show_bug.cgi?id=1937097", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:28Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1937097" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-4082" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nkbh-m94m-y3ax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/183552?format=api", "vulnerability_id": "VCID-nnfc-5tfm-vqca", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5267", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.59181", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.59293", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.59305", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.59297", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5267" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5267", "reference_id": "CVE-2016-5267", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5267" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-82", "reference_id": "mfsa2016-82", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-82" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-5267" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nnfc-5tfm-vqca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1107?format=api", "vulnerability_id": "VCID-nqdz-ct3u-5fcv", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2824", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00924", "scoring_system": "epss", "scoring_elements": "0.76463", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00924", "scoring_system": "epss", "scoring_elements": "0.76533", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00924", "scoring_system": "epss", "scoring_elements": "0.76547", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00924", "scoring_system": "epss", "scoring_elements": "0.76542", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2824" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2824", "reference_id": "CVE-2016-2824", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2824" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-53", "reference_id": "mfsa2016-53", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-53" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2824" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nqdz-ct3u-5fcv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/140005?format=api", "vulnerability_id": "VCID-nqhf-g3y1-6kag", "summary": "When checking if the Browsing Context had been discarded in `HttpBaseChannel`, if the load group was not available then it was assumed to have already been discarded which was not always the case for private channels after the private session had ended. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4583.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4583.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4583", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34927", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34748", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34926", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34949", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4583" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236082", "reference_id": "2236082", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236082" }, { "reference_url": "https://security.gentoo.org/glsa/202402-25", "reference_id": "GLSA-202402-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-25" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-34", "reference_id": "mfsa2023-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-34/", "reference_id": "mfsa2023-34", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-19T19:09:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-34/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-36", "reference_id": "mfsa2023-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-36" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-36/", "reference_id": "mfsa2023-36", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-19T19:09:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-36/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-38", "reference_id": "mfsa2023-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-38" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-38/", "reference_id": "mfsa2023-38", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-19T19:09:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-38/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4945", "reference_id": "RHSA-2023:4945", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4945" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4946", "reference_id": "RHSA-2023:4946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4946" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4947", "reference_id": "RHSA-2023:4947", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4947" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4948", "reference_id": "RHSA-2023:4948", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4948" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4949", "reference_id": "RHSA-2023:4949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4950", "reference_id": "RHSA-2023:4950", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4950" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4951", "reference_id": "RHSA-2023:4951", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4951" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4952", "reference_id": "RHSA-2023:4952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4954", "reference_id": "RHSA-2023:4954", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4954" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4955", "reference_id": "RHSA-2023:4955", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4956", "reference_id": "RHSA-2023:4956", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4956" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4957", "reference_id": "RHSA-2023:4957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4958", "reference_id": "RHSA-2023:4958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4959", "reference_id": "RHSA-2023:4959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5019", "reference_id": "RHSA-2023:5019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5019" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1842030", "reference_id": "show_bug.cgi?id=1842030", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-19T19:09:13Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1842030" }, { "reference_url": "https://usn.ubuntu.com/6320-1/", "reference_id": "USN-6320-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6320-1/" }, { "reference_url": "https://usn.ubuntu.com/6405-1/", "reference_id": "USN-6405-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6405-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/42184?format=api", "purl": "pkg:deb/debian/firefox-esr@115.2.0esr-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.2.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-4583" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nqhf-g3y1-6kag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212881?format=api", "vulnerability_id": "VCID-nqv5-huzk-ebgu", "summary": "Unsanitized output in the browser UI leaves HTML tags in place and can result in arbitrary code execution in Firefox before version 58.0.1.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5124.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5124.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5124", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68645", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68737", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68751", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68747", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5124" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1540431", "reference_id": "1540431", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1540431" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5124", "reference_id": "CVE-2018-5124", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5124" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-05", "reference_id": "mfsa2018-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-05" }, { "reference_url": "https://usn.ubuntu.com/3552-1/", "reference_id": "USN-3552-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3552-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-5124" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nqv5-huzk-ebgu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8330?format=api", "vulnerability_id": "VCID-nqwq-ym6b-4kcd", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26966.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26966.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-26966", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.58236", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.58122", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.58242", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.58252", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-26966" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898740", "reference_id": "1898740", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898740" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-50", "reference_id": "mfsa2020-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-50" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-51", "reference_id": "mfsa2020-51", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-51" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-52", "reference_id": "mfsa2020-52", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-52" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-26966" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nqwq-ym6b-4kcd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/140703?format=api", "vulnerability_id": "VCID-nr9j-x54b-rfey", "summary": "An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash.\n\n*This bug only affects Firefox and Thunderbird for macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29531.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29531.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29531", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00569", "scoring_system": "epss", "scoring_elements": "0.69149", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00569", "scoring_system": "epss", "scoring_elements": "0.6905", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00569", "scoring_system": "epss", "scoring_elements": "0.69142", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00569", "scoring_system": "epss", "scoring_elements": "0.69154", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29531" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186099", "reference_id": "2186099", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186099" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-13/", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:34:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-14/", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:34:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-15/", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:34:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-15/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1794292", "reference_id": "show_bug.cgi?id=1794292", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:34:50Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1794292" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-29531" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nr9j-x54b-rfey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1515?format=api", "vulnerability_id": "VCID-p277-k4nu-wqbt", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5268.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5268.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5268", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63878", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63764", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63867", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.6388", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5268" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1361996", "reference_id": "1361996", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1361996" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5268", "reference_id": "CVE-2016-5268", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5268" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-83", "reference_id": "mfsa2016-83", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-83" }, { "reference_url": "https://usn.ubuntu.com/3044-1/", "reference_id": "USN-3044-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3044-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-5268" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p277-k4nu-wqbt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18071?format=api", "vulnerability_id": "VCID-p8c1-r8d6-7kfs", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11691.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11691.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11691", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44648", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44803", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44815", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44799", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11691" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328940", "reference_id": "2328940", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328940" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-63/", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-30T04:55:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-63/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-64/", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-30T04:55:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-64/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-65", "reference_id": "mfsa2024-65", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-65" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-65/", "reference_id": "mfsa2024-65", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-30T04:55:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-65/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-67/", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-30T04:55:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-67/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-68/", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-30T04:55:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-68/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-70", "reference_id": "mfsa2024-70", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-70" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-70/", "reference_id": "mfsa2024-70", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-30T04:55:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-70/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1914707", "reference_id": "show_bug.cgi?id=1914707", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-30T04:55:57Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1914707" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1924184", "reference_id": "show_bug.cgi?id=1924184", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-30T04:55:57Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1924184" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-11691" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p8c1-r8d6-7kfs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1115?format=api", "vulnerability_id": "VCID-ps8e-3667-kfap", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2833.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2833.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2833", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.57149", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.57268", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.57282", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.57275", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2833" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342900", "reference_id": "1342900", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2833", "reference_id": "CVE-2016-2833", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2833" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-60", "reference_id": "mfsa2016-60", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-60" }, { "reference_url": "https://usn.ubuntu.com/2993-1/", "reference_id": "USN-2993-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2993-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2833" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ps8e-3667-kfap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2029?format=api", "vulnerability_id": "VCID-psnj-1w5y-wuhw", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9063.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9063.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9063", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0271", "scoring_system": "epss", "scoring_elements": "0.8629", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0271", "scoring_system": "epss", "scoring_elements": "0.86232", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0271", "scoring_system": "epss", "scoring_elements": "0.86282", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0271", "scoring_system": "epss", "scoring_elements": "0.86293", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9063" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9063", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9063" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1396540", "reference_id": "1396540", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1396540" }, { "reference_url": "https://security.archlinux.org/ASA-201611-16", "reference_id": "ASA-201611-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-16" }, { "reference_url": "https://security.archlinux.org/ASA-201706-32", "reference_id": "ASA-201706-32", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-32" }, { "reference_url": "https://security.archlinux.org/ASA-201707-27", "reference_id": "ASA-201707-27", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201707-27" }, { "reference_url": "https://security.archlinux.org/AVG-305", "reference_id": "AVG-305", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-305" }, { "reference_url": "https://security.archlinux.org/AVG-306", "reference_id": "AVG-306", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-306" }, { "reference_url": "https://security.archlinux.org/AVG-72", "reference_id": "AVG-72", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-72" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89", "reference_id": "mfsa2016-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89" }, { "reference_url": "https://usn.ubuntu.com/3124-1/", "reference_id": "USN-3124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3124-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-9063" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-psnj-1w5y-wuhw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/129503?format=api", "vulnerability_id": "VCID-pwn9-e1hx-aybg", "summary": "A lack of in app notification for entering fullscreen mode could have lead to a malicious website spoofing browser chrome.<br>*This bug only affects Firefox Focus. Other versions of Firefox are unaffected.*. This vulnerability affects Firefox < 110 and Firefox ESR < 102.8.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25743.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25743.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25743", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24714", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24522", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24718", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24729", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25743" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170376", "reference_id": "2170376", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170376" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:12:53Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:12:53Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0805", "reference_id": "RHSA-2023:0805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0806", "reference_id": "RHSA-2023:0806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0807", "reference_id": "RHSA-2023:0807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0808", "reference_id": "RHSA-2023:0808", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0808" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0809", "reference_id": "RHSA-2023:0809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0810", "reference_id": "RHSA-2023:0810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0811", "reference_id": "RHSA-2023:0811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0811" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0812", "reference_id": "RHSA-2023:0812", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0812" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0817", "reference_id": "RHSA-2023:0817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0818", "reference_id": "RHSA-2023:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0819", "reference_id": "RHSA-2023:0819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0820", "reference_id": "RHSA-2023:0820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0821", "reference_id": "RHSA-2023:0821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0822", "reference_id": "RHSA-2023:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0823", "reference_id": "RHSA-2023:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0824", "reference_id": "RHSA-2023:0824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0824" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1800203", "reference_id": "show_bug.cgi?id=1800203", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:12:53Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1800203" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-25743" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pwn9-e1hx-aybg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1518?format=api", "vulnerability_id": "VCID-q6n2-vxeh-5uhq", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5288.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5288.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5288", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00722", "scoring_system": "epss", "scoring_elements": "0.7307", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00722", "scoring_system": "epss", "scoring_elements": "0.7298", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00722", "scoring_system": "epss", "scoring_elements": "0.73057", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00722", "scoring_system": "epss", "scoring_elements": "0.73072", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5288" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1387588", "reference_id": "1387588", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1387588" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-87", "reference_id": "mfsa2016-87", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-87" }, { "reference_url": "https://usn.ubuntu.com/3111-1/", "reference_id": "USN-3111-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3111-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-5288" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q6n2-vxeh-5uhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1503?format=api", "vulnerability_id": "VCID-q76t-5u88-d7ad", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5251.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5251.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5251", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.68442", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.68345", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.68434", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.68447", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5251" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1361978", "reference_id": "1361978", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1361978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5251", "reference_id": "CVE-2016-5251", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5251" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-66", "reference_id": "mfsa2016-66", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-66" }, { "reference_url": "https://usn.ubuntu.com/3044-1/", "reference_id": "USN-3044-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3044-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-5251" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q76t-5u88-d7ad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212805?format=api", "vulnerability_id": "VCID-qb2d-y3e2-huc3", "summary": "Mozilla Firefox prior to 3.6 has a DoS vulnerability due to an issue in the validation of certificates.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2669", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33192", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33374", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33393", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33368", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2669" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-2669" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qb2d-y3e2-huc3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1100?format=api", "vulnerability_id": "VCID-qj5h-knba-6fgm", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2816.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2816.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2816", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.48136", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.48274", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.4829", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.48275", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2816" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330282", "reference_id": "1330282", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2816", "reference_id": "CVE-2016-2816", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2816" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-45", "reference_id": "mfsa2016-45", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-45" }, { "reference_url": "https://usn.ubuntu.com/2936-1/", "reference_id": "USN-2936-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2936-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2816" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qj5h-knba-6fgm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170061?format=api", "vulnerability_id": "VCID-qkrj-fmey-wbcy", "summary": "The <code>ms-msdt</code>, <code>search</code>, and <code>search-ms</code> protocols deliver content to Microsoft applications, bypassing the browser, when a user accepts a prompt. These applications have had known vulnerabilities, exploited in the wild (although we know of none exploited through Thunderbird), so in this release Thunderbird has blocked these protocols from prompting the user to open them.<br>*This bug only affects Thunderbird on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34478.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34478.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34478", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35323", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35142", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.3532", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35344", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34478" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102167", "reference_id": "2102167", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102167" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-24/", "reference_id": "mfsa2022-24", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:14:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-24/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-25" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-25/", "reference_id": "mfsa2022-25", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:14:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-25/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-26" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-26/", "reference_id": "mfsa2022-26", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:14:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-26/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1773717", "reference_id": "show_bug.cgi?id=1773717", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:14:23Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1773717" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-34478" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qkrj-fmey-wbcy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1517?format=api", "vulnerability_id": "VCID-r4dz-2h7g-pbc1", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5287.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5287.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5287", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68933", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.6883", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68924", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68937", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5287" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1387586", "reference_id": "1387586", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1387586" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-87", "reference_id": "mfsa2016-87", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-87" }, { "reference_url": "https://usn.ubuntu.com/3111-1/", "reference_id": "USN-3111-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3111-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-5287" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r4dz-2h7g-pbc1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/133313?format=api", "vulnerability_id": "VCID-r8g4-zz2s-sfh7", "summary": "A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process.\n*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5168.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5168.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5168", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.49458", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.49315", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.49452", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.4947", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5168" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240892", "reference_id": "2240892", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240892" }, { "reference_url": "https://security.gentoo.org/glsa/202402-25", "reference_id": "GLSA-202402-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-25" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-41", "reference_id": "mfsa2023-41", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-41" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-41/", "reference_id": "mfsa2023-41", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-41/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-42", "reference_id": "mfsa2023-42", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-42" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-42/", "reference_id": "mfsa2023-42", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-42/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-43", "reference_id": "mfsa2023-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-43" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-43/", "reference_id": "mfsa2023-43", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-43/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1846683", "reference_id": "show_bug.cgi?id=1846683", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1846683" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-5168" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r8g4-zz2s-sfh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2213?format=api", "vulnerability_id": "VCID-rbzd-h3y1-wfgp", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9896", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01539", "scoring_system": "epss", "scoring_elements": "0.81828", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01539", "scoring_system": "epss", "scoring_elements": "0.81765", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01539", "scoring_system": "epss", "scoring_elements": "0.81826", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01539", "scoring_system": "epss", "scoring_elements": "0.81835", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9896" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-201612-15", "reference_id": "ASA-201612-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-15" }, { "reference_url": "https://security.archlinux.org/AVG-106", "reference_id": "AVG-106", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-106" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94", "reference_id": "mfsa2016-94", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94" }, { "reference_url": "https://usn.ubuntu.com/3155-1/", "reference_id": "USN-3155-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3155-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-9896" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rbzd-h3y1-wfgp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/133624?format=api", "vulnerability_id": "VCID-rg51-rzun-u7aq", "summary": "If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash.\n*This bug only affects Firefox on Windows when run in non-standard configurations (such as using `runas`). Other operating systems are unaffected.* This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5174.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5174.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5174", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63973", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63858", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63961", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63975", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5174" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240895", "reference_id": "2240895", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240895" }, { "reference_url": "https://security.gentoo.org/glsa/202402-25", "reference_id": "GLSA-202402-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-25" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-41", "reference_id": "mfsa2023-41", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-41" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-41/", "reference_id": "mfsa2023-41", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-41/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-42", "reference_id": "mfsa2023-42", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-42" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-42/", "reference_id": "mfsa2023-42", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-42/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-43", "reference_id": "mfsa2023-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-43" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-43/", "reference_id": "mfsa2023-43", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-43/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1848454", "reference_id": "show_bug.cgi?id=1848454", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:08Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1848454" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-5174" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rg51-rzun-u7aq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/196994?format=api", "vulnerability_id": "VCID-rpns-xxft-9ff2", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5385", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00947", "scoring_system": "epss", "scoring_elements": "0.7676", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00947", "scoring_system": "epss", "scoring_elements": "0.7683", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00947", "scoring_system": "epss", "scoring_elements": "0.76844", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00947", "scoring_system": "epss", "scoring_elements": "0.76838", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5385" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-5385" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rpns-xxft-9ff2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/140212?format=api", "vulnerability_id": "VCID-rqb9-n7mt-wkce", "summary": "When opening appref-ms files, Firefox did not warn the user that these files may contain malicious code. \n*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116, Firefox ESR < 102.14, Firefox ESR < 115.1, Thunderbird < 102.14, and Thunderbird < 115.1.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4054.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4054.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4054", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10539", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10574", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10599", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10597", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4054" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228366", "reference_id": "2228366", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228366" }, { "reference_url": "https://security.gentoo.org/glsa/202402-25", "reference_id": "GLSA-202402-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-25" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-29", "reference_id": "mfsa2023-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-29/", "reference_id": "mfsa2023-29", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:04Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-30", "reference_id": "mfsa2023-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-30/", "reference_id": "mfsa2023-30", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:04Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-31", "reference_id": "mfsa2023-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-31" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-31/", "reference_id": "mfsa2023-31", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:04Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-31/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-32", "reference_id": "mfsa2023-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-32/", "reference_id": "mfsa2023-32", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:04Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-32/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-33", "reference_id": "mfsa2023-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-33/", "reference_id": "mfsa2023-33", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:04Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-33/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1840777", "reference_id": "show_bug.cgi?id=1840777", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:04Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1840777" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-4054" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rqb9-n7mt-wkce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17875?format=api", "vulnerability_id": "VCID-rrdh-n6hv-h3er", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5726.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5726.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5726", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38743", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38558", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.3873", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38753", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5726" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245901", "reference_id": "2245901", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245901" }, { "reference_url": "https://security.gentoo.org/glsa/202402-25", "reference_id": "GLSA-202402-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-25" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-45", "reference_id": "mfsa2023-45", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-45" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-45/", "reference_id": "mfsa2023-45", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:53:41Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-45/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-46", "reference_id": "mfsa2023-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-46/", "reference_id": "mfsa2023-46", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:53:41Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-47", "reference_id": "mfsa2023-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-47" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-47/", "reference_id": "mfsa2023-47", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:53:41Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-47/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1846205", "reference_id": "show_bug.cgi?id=1846205", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:53:41Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1846205" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-5726" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rrdh-n6hv-h3er" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212828?format=api", "vulnerability_id": "VCID-rrhm-t616-9ke1", "summary": "The Mozilla Windows updater modifies some files to be updated by reading the original file and applying changes to it. The location of the original file can be altered by a malicious user by passing a special path to the callback parameter through the Mozilla Maintenance Service, allowing the manipulation of files in the installation directory and privilege escalation by manipulating the Mozilla Maintenance Service, which has privileged access. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. This vulnerability affects Firefox ESR < 52.2 and Firefox < 54.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7760", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33597", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33777", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33799", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33774", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7760" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-7760" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rrhm-t616-9ke1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/164536?format=api", "vulnerability_id": "VCID-ruk3-gdnn-cugr", "summary": "A data race could occur in the <code>PK11_ChangePW</code> function, potentially leading to a use-after-free vulnerability. In Firefox, this lock protected the data when a user changed their master password. This vulnerability affects Firefox ESR < 102.2 and Thunderbird < 102.2.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38476.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38476.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-38476", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40522", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40343", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.4051", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40533", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-38476" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2120678", "reference_id": "2120678", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2120678" }, { "reference_url": "https://security.gentoo.org/glsa/202208-37", "reference_id": "GLSA-202208-37", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-37" }, { "reference_url": "https://security.gentoo.org/glsa/202208-38", "reference_id": "GLSA-202208-38", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-38" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-34", "reference_id": "mfsa2022-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-34/", "reference_id": "mfsa2022-34", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:23:43Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-34/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-36", "reference_id": "mfsa2022-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-36" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-36/", "reference_id": "mfsa2022-36", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:23:43Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-36/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6164", "reference_id": "RHSA-2022:6164", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6165", "reference_id": "RHSA-2022:6165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6166", "reference_id": "RHSA-2022:6166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6167", "reference_id": "RHSA-2022:6167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6168", "reference_id": "RHSA-2022:6168", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6168" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6169", "reference_id": "RHSA-2022:6169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6174", "reference_id": "RHSA-2022:6174", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6174" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6175", "reference_id": "RHSA-2022:6175", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6176", "reference_id": "RHSA-2022:6176", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6176" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6177", "reference_id": "RHSA-2022:6177", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6178", "reference_id": "RHSA-2022:6178", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6178" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6179", "reference_id": "RHSA-2022:6179", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6179" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1760998", "reference_id": "show_bug.cgi?id=1760998", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:23:43Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1760998" }, { "reference_url": "https://usn.ubuntu.com/5663-1/", "reference_id": "USN-5663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/42157?format=api", "purl": "pkg:deb/debian/firefox-esr@102.2.0esr-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@102.2.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-38476" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ruk3-gdnn-cugr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/196999?format=api", "vulnerability_id": "VCID-rx9t-9db6-cbgv", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5377", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.83398", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.83459", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.83468", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.83465", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5377" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-5377" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rx9t-9db6-cbgv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/183555?format=api", "vulnerability_id": "VCID-rxk4-t2wp-77d3", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5275.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5275.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5275", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01682", "scoring_system": "epss", "scoring_elements": "0.82655", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01682", "scoring_system": "epss", "scoring_elements": "0.82591", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01682", "scoring_system": "epss", "scoring_elements": "0.82653", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01682", "scoring_system": "epss", "scoring_elements": "0.8266", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5275" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377667", "reference_id": "1377667", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377667" }, { "reference_url": "https://security.archlinux.org/ASA-201609-22", "reference_id": "ASA-201609-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-22" }, { "reference_url": "https://security.archlinux.org/AVG-24", "reference_id": "AVG-24", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-24" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-85", "reference_id": "mfsa2016-85", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-85" }, { "reference_url": "https://usn.ubuntu.com/3076-1/", "reference_id": "USN-3076-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3076-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-5275" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rxk4-t2wp-77d3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212916?format=api", "vulnerability_id": "VCID-s3dj-v4yr-fkc9", "summary": "During the initialization of a new content process, a race condition occurs that can allow a content process to disclose heap addresses from the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17021.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17021.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17021", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.65092", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.65193", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.65204", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.65202", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17021" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788725", "reference_id": "1788725", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788725" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-01", "reference_id": "mfsa2020-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-02", "reference_id": "mfsa2020-02", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-04", "reference_id": "mfsa2020-04", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-17021" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s3dj-v4yr-fkc9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212908?format=api", "vulnerability_id": "VCID-s3x1-81jk-a3as", "summary": "In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the \"SEE_MASK_FLAG_NO_UI\" flag associated with downloaded files and will not show any UI. Files that are unknown and potentially dangerous will be allowed to run because SmartScreen will not prompt the user for a decision, and if the user is offline all files will be allowed to be opened because Windows won't prompt the user to ask what to do. Firefox incorrectly sets this flag when downloading files, leading to less secure behavior from SmartScreen. Note: this issue only affects Windows 10 users running the April 2018 update or later. It does not affect other Windows users or other operating systems. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5174.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5174.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5174", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.68049", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.68137", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.6815", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.68146", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5174" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576274", "reference_id": "1576274", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576274" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11", "reference_id": "mfsa2018-11", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12", "reference_id": "mfsa2018-12", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13", "reference_id": "mfsa2018-13", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-5174" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s3x1-81jk-a3as" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/140754?format=api", "vulnerability_id": "VCID-s7pv-km8j-k3ac", "summary": "A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not work on a SMB server.\n\n*Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29532.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29532.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29532", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24781", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24587", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24785", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24797", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29532" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186100", "reference_id": "2186100", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186100" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-13/", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:43:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-14/", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:43:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-15/", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:43:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-15/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1806394", "reference_id": "show_bug.cgi?id=1806394", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:43:12Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1806394" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-29532" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s7pv-km8j-k3ac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2032?format=api", "vulnerability_id": "VCID-s96w-66ft-6bdq", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9067.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9067.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9067", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01358", "scoring_system": "epss", "scoring_elements": "0.80624", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01358", "scoring_system": "epss", "scoring_elements": "0.80627", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01358", "scoring_system": "epss", "scoring_elements": "0.80563", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01358", "scoring_system": "epss", "scoring_elements": "0.80635", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9067" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1396539", "reference_id": "1396539", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1396539" }, { "reference_url": "https://security.archlinux.org/ASA-201611-16", "reference_id": "ASA-201611-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-16" }, { "reference_url": "https://security.archlinux.org/AVG-72", "reference_id": "AVG-72", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-72" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89", "reference_id": "mfsa2016-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89" }, { "reference_url": "https://usn.ubuntu.com/3124-1/", "reference_id": "USN-3124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3124-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-9067" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s96w-66ft-6bdq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2043?format=api", "vulnerability_id": "VCID-sbd7-awjb-jqap", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9080", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.83465", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.83398", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.83459", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.83468", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9080" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-201612-15", "reference_id": "ASA-201612-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-15" }, { "reference_url": "https://security.archlinux.org/AVG-106", "reference_id": "AVG-106", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-106" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94", "reference_id": "mfsa2016-94", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94" }, { "reference_url": "https://usn.ubuntu.com/3155-1/", "reference_id": "USN-3155-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3155-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-9080" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sbd7-awjb-jqap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1101?format=api", "vulnerability_id": "VCID-sest-bfue-63gg", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2817.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2817.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2817", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.61103", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.61208", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.61217", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.61214", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2817" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330285", "reference_id": "1330285", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2817", "reference_id": "CVE-2016-2817", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2817" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-46", "reference_id": "mfsa2016-46", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-46" }, { "reference_url": "https://usn.ubuntu.com/2936-1/", "reference_id": "USN-2936-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2936-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2817" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sest-bfue-63gg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9941?format=api", "vulnerability_id": "VCID-sgad-z5pa-jkd7", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38501.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38501.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38501", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66592", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66605", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66607", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66499", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38501" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011101", "reference_id": "2011101", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011101" }, { "reference_url": "https://security.archlinux.org/AVG-2443", "reference_id": "AVG-2443", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2443" }, { "reference_url": "https://security.archlinux.org/AVG-2459", "reference_id": "AVG-2459", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2459" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43", "reference_id": "mfsa2021-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-43" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45", "reference_id": "mfsa2021-45", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-45" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47", "reference_id": "mfsa2021-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3755", "reference_id": "RHSA-2021:3755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3756", "reference_id": "RHSA-2021:3756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3757", "reference_id": "RHSA-2021:3757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3791", "reference_id": "RHSA-2021:3791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3838", "reference_id": "RHSA-2021:3838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3839", "reference_id": "RHSA-2021:3839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3840", "reference_id": "RHSA-2021:3840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3841", "reference_id": "RHSA-2021:3841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3841" }, { "reference_url": "https://usn.ubuntu.com/5107-1/", "reference_id": "USN-5107-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5107-1/" }, { "reference_url": "https://usn.ubuntu.com/5132-1/", "reference_id": "USN-5132-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5132-1/" }, { "reference_url": "https://usn.ubuntu.com/5248-1/", "reference_id": "USN-5248-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5248-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-38501" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sgad-z5pa-jkd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2033?format=api", "vulnerability_id": "VCID-sqnc-n11z-tqhr", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9068.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9068.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9068", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01719", "scoring_system": "epss", "scoring_elements": "0.82866", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01719", "scoring_system": "epss", "scoring_elements": "0.82801", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01719", "scoring_system": "epss", "scoring_elements": "0.82862", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01719", "scoring_system": "epss", "scoring_elements": "0.82871", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9068" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1396542", "reference_id": "1396542", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1396542" }, { "reference_url": "https://security.archlinux.org/ASA-201611-16", "reference_id": "ASA-201611-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-16" }, { "reference_url": "https://security.archlinux.org/AVG-72", "reference_id": "AVG-72", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-72" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89", "reference_id": "mfsa2016-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89" }, { "reference_url": "https://usn.ubuntu.com/3124-1/", "reference_id": "USN-3124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3124-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-9068" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sqnc-n11z-tqhr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1097?format=api", "vulnerability_id": "VCID-swh9-hapj-v7bf", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2813.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2813.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2813", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.6512", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.6522", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.65231", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.65229", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2813" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330278", "reference_id": "1330278", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330278" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2813", "reference_id": "CVE-2016-2813", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2813" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-43", "reference_id": "mfsa2016-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-43" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2813" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-swh9-hapj-v7bf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212928?format=api", "vulnerability_id": "VCID-t1cd-d54e-5yhm", "summary": "Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings (but not access the previous profile). *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.11.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15650.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15650.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15650", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.36936", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.37114", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.3714", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.37125", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15650" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1870410", "reference_id": "1870410", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1870410" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31", "reference_id": "mfsa2020-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-15650" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t1cd-d54e-5yhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7622?format=api", "vulnerability_id": "VCID-t4r8-auts-8yca", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12389.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12389.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12389", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00669", "scoring_system": "epss", "scoring_elements": "0.7188", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00669", "scoring_system": "epss", "scoring_elements": "0.71795", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00669", "scoring_system": "epss", "scoring_elements": "0.71891", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00669", "scoring_system": "epss", "scoring_elements": "0.71894", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12389" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831945", "reference_id": "1831945", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831945" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-16", "reference_id": "mfsa2020-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-17", "reference_id": "mfsa2020-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-17" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-12389" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t4r8-auts-8yca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/196990?format=api", "vulnerability_id": "VCID-t7gs-maju-c3fe", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5391", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02446", "scoring_system": "epss", "scoring_elements": "0.85518", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.02446", "scoring_system": "epss", "scoring_elements": "0.85569", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.02446", "scoring_system": "epss", "scoring_elements": "0.85579", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.02446", "scoring_system": "epss", "scoring_elements": "0.85571", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5391" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-5391" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t7gs-maju-c3fe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6134?format=api", "vulnerability_id": "VCID-tqq2-t879-uuhk", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11751.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11751.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11751", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00501", "scoring_system": "epss", "scoring_elements": "0.66528", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00501", "scoring_system": "epss", "scoring_elements": "0.66435", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00501", "scoring_system": "epss", "scoring_elements": "0.66541", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00501", "scoring_system": "epss", "scoring_elements": "0.66543", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11751" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1748668", "reference_id": "1748668", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1748668" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-25", "reference_id": "mfsa2019-25", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-25" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-26", "reference_id": "mfsa2019-26", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-26" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11751" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tqq2-t879-uuhk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1094?format=api", "vulnerability_id": "VCID-tzas-8qm7-m3cx", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2810.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2810.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2810", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50892", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.51024", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.51039", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.51026", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2810" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330274", "reference_id": "1330274", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330274" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2810", "reference_id": "CVE-2016-2810", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2810" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-41", "reference_id": "mfsa2016-41", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-41" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2810" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tzas-8qm7-m3cx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/25835?format=api", "vulnerability_id": "VCID-u8nr-sdza-57b2", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6426.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6426.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6426", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33706", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33731", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33709", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33529", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6426" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374560", "reference_id": "2374560", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374560" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-51", "reference_id": "mfsa2025-51", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-51" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-51/", "reference_id": "mfsa2025-51", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-25T14:21:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-51/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-53", "reference_id": "mfsa2025-53", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-53" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-53/", "reference_id": "mfsa2025-53", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-25T14:21:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-53/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-54", "reference_id": "mfsa2025-54", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-54" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-54/", "reference_id": "mfsa2025-54", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-25T14:21:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-54/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-55", "reference_id": "mfsa2025-55", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-55" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-55/", "reference_id": "mfsa2025-55", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-25T14:21:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-55/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1964385", "reference_id": "show_bug.cgi?id=1964385", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-25T14:21:30Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1964385" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-6426" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u8nr-sdza-57b2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/196995?format=api", "vulnerability_id": "VCID-unmt-jsyx-f3bg", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5384", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.73874", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.73948", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.73963", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5384" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-5384" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-unmt-jsyx-f3bg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/140187?format=api", "vulnerability_id": "VCID-uzu6-54x4-b3f9", "summary": "A website could have obscured the full screen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 116, Firefox ESR < 115.2, and Thunderbird < 115.2.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4053.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4053.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4053", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34808", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34827", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34802", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34624", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4053" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236078", "reference_id": "2236078", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236078" }, { "reference_url": "https://security.gentoo.org/glsa/202402-25", "reference_id": "GLSA-202402-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-25" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-29", "reference_id": "mfsa2023-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-29/", "reference_id": "mfsa2023-29", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:53Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-36", "reference_id": "mfsa2023-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-36" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-36/", "reference_id": "mfsa2023-36", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:53Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-36/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-38", "reference_id": "mfsa2023-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-38" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-38/", "reference_id": "mfsa2023-38", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:53Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-38/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4945", "reference_id": "RHSA-2023:4945", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4945" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4946", "reference_id": "RHSA-2023:4946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4946" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4947", "reference_id": "RHSA-2023:4947", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4947" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4948", "reference_id": "RHSA-2023:4948", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4948" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4949", "reference_id": "RHSA-2023:4949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4950", "reference_id": "RHSA-2023:4950", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4950" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4951", "reference_id": "RHSA-2023:4951", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4951" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4952", "reference_id": "RHSA-2023:4952", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4952" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4954", "reference_id": "RHSA-2023:4954", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4954" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4955", "reference_id": "RHSA-2023:4955", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4956", "reference_id": "RHSA-2023:4956", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4956" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4957", "reference_id": "RHSA-2023:4957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4958", "reference_id": "RHSA-2023:4958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4959", "reference_id": "RHSA-2023:4959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5019", "reference_id": "RHSA-2023:5019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5019" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1839079", "reference_id": "show_bug.cgi?id=1839079", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:53Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1839079" }, { "reference_url": "https://usn.ubuntu.com/6267-1/", "reference_id": "USN-6267-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6267-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/42184?format=api", "purl": "pkg:deb/debian/firefox-esr@115.2.0esr-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.2.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-4053" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uzu6-54x4-b3f9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/130462?format=api", "vulnerability_id": "VCID-v5yj-mbn7-kkgj", "summary": "When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within. This vulnerability affects Firefox < 109, Firefox ESR < 102.7, and Thunderbird < 102.7.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23599.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23599.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-23599", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34299", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.3432", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34295", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34118", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-23599" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2162339", "reference_id": "2162339", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2162339" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-01", "reference_id": "mfsa2023-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-01/", "reference_id": "mfsa2023-01", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:21:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-02", "reference_id": "mfsa2023-02", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-02/", "reference_id": "mfsa2023-02", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:21:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-03", "reference_id": "mfsa2023-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-03/", "reference_id": "mfsa2023-03", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:21:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-03/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0285", "reference_id": "RHSA-2023:0285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0286", "reference_id": "RHSA-2023:0286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0288", "reference_id": "RHSA-2023:0288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0289", "reference_id": "RHSA-2023:0289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0290", "reference_id": "RHSA-2023:0290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0294", "reference_id": "RHSA-2023:0294", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0294" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0295", "reference_id": "RHSA-2023:0295", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0295" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0296", "reference_id": "RHSA-2023:0296", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0296" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0456", "reference_id": "RHSA-2023:0456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0457", "reference_id": "RHSA-2023:0457", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0457" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0459", "reference_id": "RHSA-2023:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0460", "reference_id": "RHSA-2023:0460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0460" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0461", "reference_id": "RHSA-2023:0461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0462", "reference_id": "RHSA-2023:0462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0463", "reference_id": "RHSA-2023:0463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0476", "reference_id": "RHSA-2023:0476", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0476" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1777800", "reference_id": "show_bug.cgi?id=1777800", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:21:01Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1777800" }, { "reference_url": "https://usn.ubuntu.com/5816-1/", "reference_id": "USN-5816-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5816-1/" }, { "reference_url": "https://usn.ubuntu.com/5824-1/", "reference_id": "USN-5824-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5824-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-23599" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v5yj-mbn7-kkgj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212833?format=api", "vulnerability_id": "VCID-v83h-67f5-yuck", "summary": "An attack using manipulation of \"updater.ini\" contents, used by the Mozilla Windows Updater, and privilege escalation through the Mozilla Maintenance Service to allow for arbitrary file execution and deletion by the Maintenance Service, which has privileged access. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. This vulnerability affects Firefox ESR < 52.2 and Firefox < 54.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7766", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38639", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38812", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38835", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38825", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7766" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-7766" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v83h-67f5-yuck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1519?format=api", "vulnerability_id": "VCID-v9a7-k1sv-33g1", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5289.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5289.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5289", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01811", "scoring_system": "epss", "scoring_elements": "0.83298", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01811", "scoring_system": "epss", "scoring_elements": "0.83303", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01811", "scoring_system": "epss", "scoring_elements": "0.83237", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01811", "scoring_system": "epss", "scoring_elements": "0.83307", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5289" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395098", "reference_id": "1395098", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395098" }, { "reference_url": "https://security.archlinux.org/ASA-201611-16", "reference_id": "ASA-201611-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-16" }, { "reference_url": "https://security.archlinux.org/AVG-72", "reference_id": "AVG-72", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-72" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89", "reference_id": "mfsa2016-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89" }, { "reference_url": "https://usn.ubuntu.com/3124-1/", "reference_id": "USN-3124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3124-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-5289" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v9a7-k1sv-33g1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3567?format=api", "vulnerability_id": "VCID-vbw2-xvku-4bcv", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5430.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5430.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5430", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00746", "scoring_system": "epss", "scoring_elements": "0.73581", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00746", "scoring_system": "epss", "scoring_elements": "0.73594", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00746", "scoring_system": "epss", "scoring_elements": "0.73507", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00746", "scoring_system": "epss", "scoring_elements": "0.73596", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5430" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443331", "reference_id": "1443331", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443331" }, { "reference_url": "https://security.archlinux.org/ASA-201704-6", "reference_id": "ASA-201704-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201704-6" }, { "reference_url": "https://security.archlinux.org/AVG-249", "reference_id": "AVG-249", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-249" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-10", "reference_id": "mfsa2017-10", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-12", "reference_id": "mfsa2017-12", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-12" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-13", "reference_id": "mfsa2017-13", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1106", "reference_id": "RHSA-2017:1106", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1106" }, { "reference_url": "https://usn.ubuntu.com/3260-1/", "reference_id": "USN-3260-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3260-1/" }, { "reference_url": "https://usn.ubuntu.com/3278-1/", "reference_id": "USN-3278-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3278-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-5430" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vbw2-xvku-4bcv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/140633?format=api", "vulnerability_id": "VCID-vjzb-cksu-8uad", "summary": "A newline in a filename could have been used to bypass the file extension security mechanisms that replace malicious file extensions such as .lnk with .download. This could have led to accidental execution of malicious code.\n\n*This bug only affects Firefox and Thunderbird on Windows. Other versions of Firefox and Thunderbird are unaffected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29542.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29542.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29542", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33077", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33255", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33278", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33258", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29542" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186107", "reference_id": "2186107", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186107" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-13/", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:45:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-14/", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:45:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-15/", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:45:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-15/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1810793", "reference_id": "show_bug.cgi?id=1810793", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:45:52Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1810793" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1815062", "reference_id": "show_bug.cgi?id=1815062", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:45:52Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1815062" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-29542" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vjzb-cksu-8uad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30176?format=api", "vulnerability_id": "VCID-vnae-cbn4-aqh6", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8959.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8959.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8959", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37422", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37436", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37411", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37234", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8959" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479861", "reference_id": "2479861", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479861" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-46/", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:07:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-48/", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:07:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-48/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-50/", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:07:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-50/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-51/", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:07:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-51/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21381", "reference_id": "RHSA-2026:21381", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21381" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22325", "reference_id": "RHSA-2026:22325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22643", "reference_id": "RHSA-2026:22643", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22643" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2034754", "reference_id": "show_bug.cgi?id=2034754", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:07:42Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2034754" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-8959" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vnae-cbn4-aqh6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/139903?format=api", "vulnerability_id": "VCID-vqq5-t48g-z3ap", "summary": "On Windows, an integer overflow could occur in `RecordedSourceSurfaceCreation` which resulted in a heap buffer overflow potentially leaking sensitive data that could have led to a sandbox escape.\n*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4576.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4576.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4576", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46698", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46836", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46855", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46841", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4576" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236074", "reference_id": "2236074", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236074" }, { "reference_url": "https://security.gentoo.org/glsa/202402-25", "reference_id": "GLSA-202402-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-25" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-34", "reference_id": "mfsa2023-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-34/", "reference_id": "mfsa2023-34", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-34/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-35", "reference_id": "mfsa2023-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-35" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-35/", "reference_id": "mfsa2023-35", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-35/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-36", "reference_id": "mfsa2023-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-36" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-36/", "reference_id": "mfsa2023-36", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-36/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-37", "reference_id": "mfsa2023-37", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-37" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-37/", "reference_id": "mfsa2023-37", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-37/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-38", "reference_id": "mfsa2023-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-38" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-38/", "reference_id": "mfsa2023-38", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-38/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1846694", "reference_id": "show_bug.cgi?id=1846694", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1846694" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-4576" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vqq5-t48g-z3ap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7621?format=api", "vulnerability_id": "VCID-vv6p-8cn3-z7fj", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12388.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12388.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12388", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.69305", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.69213", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.69311", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.69317", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12388" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831944", "reference_id": "1831944", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831944" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-16", "reference_id": "mfsa2020-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-17", "reference_id": "mfsa2020-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-17" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-12388" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vv6p-8cn3-z7fj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1109?format=api", "vulnerability_id": "VCID-vwjv-ym6f-83e3", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2826", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.1696", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.17115", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.17128", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.171", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2826" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:S/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2826", "reference_id": "CVE-2016-2826", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2826" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-55", "reference_id": "mfsa2016-55", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-55" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2826" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vwjv-ym6f-83e3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/727?format=api", "vulnerability_id": "VCID-wcnf-9kfp-nqcf", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0718.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0718.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0718", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02827", "scoring_system": "epss", "scoring_elements": "0.86487", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.02827", "scoring_system": "epss", "scoring_elements": "0.86538", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.02827", "scoring_system": "epss", "scoring_elements": "0.86548", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.02827", "scoring_system": "epss", "scoring_elements": "0.86546", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0718" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0718", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0718" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4472" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1296102", "reference_id": "1296102", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1296102" }, { "reference_url": "https://security.gentoo.org/glsa/201701-21", "reference_id": "GLSA-201701-21", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-21" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-68", "reference_id": "mfsa2016-68", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-68" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2824", "reference_id": "RHSA-2016:2824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2486", "reference_id": "RHSA-2018:2486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2486" }, { "reference_url": "https://usn.ubuntu.com/2983-1/", "reference_id": "USN-2983-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2983-1/" }, { "reference_url": "https://usn.ubuntu.com/3013-1/", "reference_id": "USN-3013-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3013-1/" }, { "reference_url": "https://usn.ubuntu.com/3044-1/", "reference_id": "USN-3044-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3044-1/" }, { "reference_url": "https://usn.ubuntu.com/7199-1/", "reference_id": "USN-7199-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7199-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5455-1/", "reference_id": "USN-USN-5455-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5455-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-0718" ], "risk_score": 1.7, "exploitability": "0.5", "weighted_severity": "3.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wcnf-9kfp-nqcf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2220?format=api", "vulnerability_id": "VCID-wcq9-awh7-2qa6", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9903", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.72774", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.72685", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.72761", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.72776", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9903" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:M/C:N/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/ASA-201612-15", "reference_id": "ASA-201612-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-15" }, { "reference_url": "https://security.archlinux.org/AVG-106", "reference_id": "AVG-106", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-106" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94", "reference_id": "mfsa2016-94", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94" }, { "reference_url": "https://usn.ubuntu.com/3155-1/", "reference_id": "USN-3155-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3155-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-9903" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wcq9-awh7-2qa6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/197241?format=api", "vulnerability_id": "VCID-wdsq-6fq7-rqgz", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29964.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29964.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29964", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54706", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54582", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54722", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29964" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966830", "reference_id": "1966830", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966830" }, { "reference_url": "https://security.archlinux.org/AVG-2019", "reference_id": "AVG-2019", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2019" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-23", "reference_id": "mfsa2021-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-23" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-24", "reference_id": "mfsa2021-24", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-24" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-26", "reference_id": "mfsa2021-26", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-26" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-29964" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wdsq-6fq7-rqgz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1096?format=api", "vulnerability_id": "VCID-whxt-hpbp-hfhd", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2812.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2812.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2812", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70866", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70956", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70969", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70966", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2812" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330277", "reference_id": "1330277", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2812", "reference_id": "CVE-2016-2812", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2812" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-42", "reference_id": "mfsa2016-42", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-42" }, { "reference_url": "https://usn.ubuntu.com/2936-1/", "reference_id": "USN-2936-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2936-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2812" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-whxt-hpbp-hfhd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7406?format=api", "vulnerability_id": "VCID-wpy8-tja9-aqf7", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9818.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9818.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9818", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.58008", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57896", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.58014", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.58024", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9818" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1712627", "reference_id": "1712627", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1712627" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-13", "reference_id": "mfsa2019-13", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-14", "reference_id": "mfsa2019-14", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-15", "reference_id": "mfsa2019-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-15" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-9818" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wpy8-tja9-aqf7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/183548?format=api", "vulnerability_id": "VCID-x6nc-pqzh-vyab", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2827.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2827.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2827", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00448", "scoring_system": "epss", "scoring_elements": "0.63979", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00448", "scoring_system": "epss", "scoring_elements": "0.64082", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00448", "scoring_system": "epss", "scoring_elements": "0.64095", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00448", "scoring_system": "epss", "scoring_elements": "0.64092", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2827" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377660", "reference_id": "1377660", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377660" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-85", "reference_id": "mfsa2016-85", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-85" }, { "reference_url": "https://usn.ubuntu.com/3076-1/", "reference_id": "USN-3076-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3076-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-2827" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x6nc-pqzh-vyab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/197000?format=api", "vulnerability_id": "VCID-x8ur-qphq-sua1", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5374", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.83398", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.83459", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.83468", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.83465", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5374" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-5374" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x8ur-qphq-sua1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8695?format=api", "vulnerability_id": "VCID-xg6t-s67m-fkhv", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6797.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6797.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6797", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0061", "scoring_system": "epss", "scoring_elements": "0.7033", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0061", "scoring_system": "epss", "scoring_elements": "0.7024", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0061", "scoring_system": "epss", "scoring_elements": "0.70341", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0061", "scoring_system": "epss", "scoring_elements": "0.70344", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6797" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801917", "reference_id": "1801917", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801917" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-05", "reference_id": "mfsa2020-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-06", "reference_id": "mfsa2020-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-07", "reference_id": "mfsa2020-07", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-07" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-6797" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xg6t-s67m-fkhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12011?format=api", "vulnerability_id": "VCID-xpg4-sdv1-2fa7", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31739.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31739.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31739", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.6781", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67814", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67801", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67712", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31739" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092022", "reference_id": "2092022", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092022" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-20/", "reference_id": "mfsa2022-20", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T13:52:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-21/", "reference_id": "mfsa2022-21", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T13:52:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-22/", "reference_id": "mfsa2022-22", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T13:52:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-22/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1765049", "reference_id": "show_bug.cgi?id=1765049", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T13:52:42Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1765049" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-31739" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xpg4-sdv1-2fa7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/25261?format=api", "vulnerability_id": "VCID-y3yn-u9a4-duf7", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4084.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4084.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4084", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00186", "scoring_system": "epss", "scoring_elements": "0.40498", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00186", "scoring_system": "epss", "scoring_elements": "0.40509", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00186", "scoring_system": "epss", "scoring_elements": "0.40486", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00186", "scoring_system": "epss", "scoring_elements": "0.40319", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4084" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362911", "reference_id": "2362911", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362911" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1949994%2C1956698%2C1960198", "reference_id": "buglist.cgi?bug_id=1949994%2C1956698%2C1960198", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:30Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1949994%2C1956698%2C1960198" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-29", "reference_id": "mfsa2025-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-29/", "reference_id": "mfsa2025-29", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-30", "reference_id": "mfsa2025-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-30/", "reference_id": "mfsa2025-30", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-32", "reference_id": "mfsa2025-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-32/", "reference_id": "mfsa2025-32", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-32/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-4084" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y3yn-u9a4-duf7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212920?format=api", "vulnerability_id": "VCID-y4wf-fhdd-ffgm", "summary": "If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use of it on the main thread and any worker threads. *Note: users need to update to macOS 10.14.5 in order to take advantage of this change.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9815.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9815.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9815", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00995", "scoring_system": "epss", "scoring_elements": "0.77363", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00995", "scoring_system": "epss", "scoring_elements": "0.77432", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00995", "scoring_system": "epss", "scoring_elements": "0.77447", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00995", "scoring_system": "epss", "scoring_elements": "0.77438", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9815" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1712624", "reference_id": "1712624", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1712624" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-13", "reference_id": "mfsa2019-13", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-14", "reference_id": "mfsa2019-14", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-15", "reference_id": "mfsa2019-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-15" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-9815" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y4wf-fhdd-ffgm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/196991?format=api", "vulnerability_id": "VCID-z5s7-q73z-4bdr", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5389", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59493", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59603", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59614", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59604", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5389" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-5389" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z5s7-q73z-4bdr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6557?format=api", "vulnerability_id": "VCID-zm7u-xw4t-yugz", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17009.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17009.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17009", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33441", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33436", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33259", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33461", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17009" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1779433", "reference_id": "1779433", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1779433" }, { "reference_url": "https://security.archlinux.org/ASA-201912-1", "reference_id": "ASA-201912-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201912-1" }, { "reference_url": "https://security.archlinux.org/AVG-1071", "reference_id": "AVG-1071", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1071" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-36", "reference_id": "mfsa2019-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-36" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-37", "reference_id": "mfsa2019-37", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-37" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-38", "reference_id": "mfsa2019-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-38" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-17009" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zm7u-xw4t-yugz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3548?format=api", "vulnerability_id": "VCID-zr3g-9q6p-xkgt", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5409", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.2899", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28782", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28983", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29003", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5409" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.5", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:S/C:N/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-5409" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zr3g-9q6p-xkgt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6136?format=api", "vulnerability_id": "VCID-zt22-sjh9-akfz", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11753.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11753.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11753", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19828", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19653", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.1982", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19844", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11753" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1748659", "reference_id": "1748659", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1748659" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-25", "reference_id": "mfsa2019-25", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-25" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-26", "reference_id": "mfsa2019-26", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-26" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-27", "reference_id": "mfsa2019-27", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2019-27" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11753" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zt22-sjh9-akfz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4639?format=api", "vulnerability_id": "VCID-zt28-szym-83ec", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12391.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12391.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12391", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.68402", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.68313", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.6841", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.68415", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12391" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1642181", "reference_id": "1642181", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1642181" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-26", "reference_id": "mfsa2018-26", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-26" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-27", "reference_id": "mfsa2018-27", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-27" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-28", "reference_id": "mfsa2018-28", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-28" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-12391" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zt28-szym-83ec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/134633?format=api", "vulnerability_id": "VCID-ztv2-2eb6-1ubm", "summary": "When downloading files through the Save As dialog on Windows with suggested filenames containing environment variable names, Windows would have resolved those in the context of the current user. <br>*This bug only affects Firefox on Windows. Other versions of Firefox are unaffected.*. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28163.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28163.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28163", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33889", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33714", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33892", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33914", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28163" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178468", "reference_id": "2178468", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178468" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-09/", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:17:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-09/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10", "reference_id": "mfsa2023-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-10/", "reference_id": "mfsa2023-10", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:17:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-10/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11", "reference_id": "mfsa2023-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-11/", "reference_id": "mfsa2023-11", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:17:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-11/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1817768", "reference_id": "show_bug.cgi?id=1817768", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:17:13Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1817768" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-28163" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ztv2-2eb6-1ubm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9948?format=api", "vulnerability_id": "VCID-zvqs-sgjx-ckfd", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38510.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38510.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38510", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.62285", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.62291", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.62296", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.62183", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38510" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019629", "reference_id": "2019629", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019629" }, { "reference_url": "https://security.archlinux.org/AVG-2512", "reference_id": "AVG-2512", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2512" }, { "reference_url": "https://security.archlinux.org/AVG-2519", "reference_id": "AVG-2519", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2519" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48", "reference_id": "mfsa2021-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-48" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49", "reference_id": "mfsa2021-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-49" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50", "reference_id": "mfsa2021-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-50" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41799?format=api", "purl": "pkg:deb/debian/firefox-esr@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41784?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41782?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41786?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/41785?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zj6v-hmj8-syfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-38510" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zvqs-sgjx-ckfd" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie" }