Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/firefox@71.0.1-r0?arch=x86&distroversion=v3.18&reponame=community

Type apk

Namespace alpine

Name firefox

Version 71.0.1-r0

Qualifiers

arch	x86
distroversion	v3.18
reponame	community

Subpath

Is_vulnerable false

Next_non_vulnerable_version 74.0-r0

Latest_non_vulnerable_version 119.0-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-6fvj-phnx-kfgs

vulnerability_id VCID-6fvj-phnx-kfgs

summary After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17023.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17023.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-17023

reference_id

reference_type

scores

value	0.00899
scoring_system	epss
scoring_elements	0.75599
published_at	2026-04-01T12:55:00Z

value	0.00899
scoring_system	epss
scoring_elements	0.75699
published_at	2026-04-18T12:55:00Z

value	0.00899
scoring_system	epss
scoring_elements	0.75663
published_at	2026-04-12T12:55:00Z

value	0.00899
scoring_system	epss
scoring_elements	0.75695
published_at	2026-04-16T12:55:00Z

value	0.00899
scoring_system	epss
scoring_elements	0.75601
published_at	2026-04-02T12:55:00Z

value	0.00899
scoring_system	epss
scoring_elements	0.75632
published_at	2026-04-04T12:55:00Z

value	0.00899
scoring_system	epss
scoring_elements	0.75612
published_at	2026-04-07T12:55:00Z

value	0.00899
scoring_system	epss
scoring_elements	0.75646
published_at	2026-04-08T12:55:00Z

value	0.00899
scoring_system	epss
scoring_elements	0.75657
published_at	2026-04-13T12:55:00Z

value	0.00899
scoring_system	epss
scoring_elements	0.75682
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-17023

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17006
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17006

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17023
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17023

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12402
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12402

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1791225
reference_id	1791225
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1791225

reference_url	https://security.archlinux.org/ASA-202001-1
reference_id	ASA-202001-1
reference_type
scores
url	https://security.archlinux.org/ASA-202001-1

reference_url

https://security.archlinux.org/AVG-1084

reference_id

AVG-1084

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1084

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-01

reference_id

mfsa2020-01

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-01

reference_url	https://access.redhat.com/errata/RHSA-2020:3280
reference_id	RHSA-2020:3280
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3280

reference_url	https://access.redhat.com/errata/RHSA-2020:4076
reference_id	RHSA-2020:4076
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4076

reference_url	https://access.redhat.com/errata/RHSA-2021:0949
reference_id	RHSA-2021:0949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0949

reference_url	https://usn.ubuntu.com/4234-1/
reference_id	USN-4234-1
reference_type
scores
url	https://usn.ubuntu.com/4234-1/

reference_url	https://usn.ubuntu.com/4397-1/
reference_id	USN-4397-1
reference_type
scores
url	https://usn.ubuntu.com/4397-1/

fixed_packages

url	pkg:apk/alpine/firefox@71.0.1-r0?arch=x86&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox@71.0.1-r0?arch=x86&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@71.0.1-r0%3Farch=x86&distroversion=v3.18&reponame=community

aliases CVE-2019-17023

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6fvj-phnx-kfgs

url VCID-7hkk-2k6p-vyc7

vulnerability_id VCID-7hkk-2k6p-vyc7

summary

Multiple vulnerabilities have been found in Mozilla Firefox, the
    worst of which may allow execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17024.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17024.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-17024

reference_id

reference_type

scores

value	0.03276
scoring_system	epss
scoring_elements	0.87192
published_at	2026-04-18T12:55:00Z

value	0.03276
scoring_system	epss
scoring_elements	0.87168
published_at	2026-04-09T12:55:00Z

value	0.03276
scoring_system	epss
scoring_elements	0.87181
published_at	2026-04-11T12:55:00Z

value	0.03276
scoring_system	epss
scoring_elements	0.87176
published_at	2026-04-12T12:55:00Z

value	0.03276
scoring_system	epss
scoring_elements	0.87171
published_at	2026-04-13T12:55:00Z

value	0.03276
scoring_system	epss
scoring_elements	0.87187
published_at	2026-04-16T12:55:00Z

value	0.03276
scoring_system	epss
scoring_elements	0.87116
published_at	2026-04-01T12:55:00Z

value	0.03276
scoring_system	epss
scoring_elements	0.87126
published_at	2026-04-02T12:55:00Z

value	0.03276
scoring_system	epss
scoring_elements	0.87143
published_at	2026-04-04T12:55:00Z

value	0.03276
scoring_system	epss
scoring_elements	0.8714
published_at	2026-04-07T12:55:00Z

value	0.03276
scoring_system	epss
scoring_elements	0.8716
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-17024

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17016
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17016

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17017
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17017

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17022
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17022

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17024
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17024

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17026
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17026

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1788727
reference_id	1788727
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1788727

reference_url	https://security.archlinux.org/ASA-202001-1
reference_id	ASA-202001-1
reference_type
scores
url	https://security.archlinux.org/ASA-202001-1

reference_url	https://security.archlinux.org/ASA-202001-4
reference_id	ASA-202001-4
reference_type
scores
url	https://security.archlinux.org/ASA-202001-4

reference_url

https://security.archlinux.org/AVG-1084

reference_id

AVG-1084

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1084

reference_url

https://security.archlinux.org/AVG-1086

reference_id

AVG-1086

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1086

reference_url	https://security.gentoo.org/glsa/202003-02
reference_id	GLSA-202003-02
reference_type
scores
url	https://security.gentoo.org/glsa/202003-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-01

reference_id

mfsa2020-01

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-01

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-02

reference_id

mfsa2020-02

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-04

reference_id

mfsa2020-04

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-04

reference_url	https://access.redhat.com/errata/RHSA-2020:0085
reference_id	RHSA-2020:0085
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0085

reference_url	https://access.redhat.com/errata/RHSA-2020:0086
reference_id	RHSA-2020:0086
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0086

reference_url	https://access.redhat.com/errata/RHSA-2020:0111
reference_id	RHSA-2020:0111
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0111

reference_url	https://access.redhat.com/errata/RHSA-2020:0120
reference_id	RHSA-2020:0120
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0120

reference_url	https://access.redhat.com/errata/RHSA-2020:0123
reference_id	RHSA-2020:0123
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0123

reference_url	https://access.redhat.com/errata/RHSA-2020:0127
reference_id	RHSA-2020:0127
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0127

reference_url	https://access.redhat.com/errata/RHSA-2020:0292
reference_id	RHSA-2020:0292
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0292

reference_url	https://access.redhat.com/errata/RHSA-2020:0295
reference_id	RHSA-2020:0295
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0295

reference_url	https://usn.ubuntu.com/4234-1/
reference_id	USN-4234-1
reference_type
scores
url	https://usn.ubuntu.com/4234-1/

reference_url	https://usn.ubuntu.com/4241-1/
reference_id	USN-4241-1
reference_type
scores
url	https://usn.ubuntu.com/4241-1/

reference_url	https://usn.ubuntu.com/4335-1/
reference_id	USN-4335-1
reference_type
scores
url	https://usn.ubuntu.com/4335-1/

fixed_packages

url	pkg:apk/alpine/firefox@71.0.1-r0?arch=x86&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox@71.0.1-r0?arch=x86&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@71.0.1-r0%3Farch=x86&distroversion=v3.18&reponame=community

aliases CVE-2019-17024

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7hkk-2k6p-vyc7

url VCID-9v4g-hwwe-3ybg

vulnerability_id VCID-9v4g-hwwe-3ybg

summary Mozilla developers Karl Tomlinson, Jason Kratzer, Tyson Smith, Jon Coppeard, and Christian Holler reported memory safety bugs present in Firefox 71. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-17025

reference_id

reference_type

scores

value	0.00704
scoring_system	epss
scoring_elements	0.72139
published_at	2026-04-18T12:55:00Z

value	0.00704
scoring_system	epss
scoring_elements	0.72046
published_at	2026-04-01T12:55:00Z

value	0.00704
scoring_system	epss
scoring_elements	0.72091
published_at	2026-04-13T12:55:00Z

value	0.00704
scoring_system	epss
scoring_elements	0.72131
published_at	2026-04-16T12:55:00Z

value	0.00704
scoring_system	epss
scoring_elements	0.72052
published_at	2026-04-02T12:55:00Z

value	0.00704
scoring_system	epss
scoring_elements	0.72073
published_at	2026-04-04T12:55:00Z

value	0.00704
scoring_system	epss
scoring_elements	0.72049
published_at	2026-04-07T12:55:00Z

value	0.00704
scoring_system	epss
scoring_elements	0.72086
published_at	2026-04-08T12:55:00Z

value	0.00704
scoring_system	epss
scoring_elements	0.72098
published_at	2026-04-09T12:55:00Z

value	0.00704
scoring_system	epss
scoring_elements	0.72121
published_at	2026-04-11T12:55:00Z

value	0.00704
scoring_system	epss
scoring_elements	0.72105
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-17025

reference_url	https://security.archlinux.org/ASA-202001-1
reference_id	ASA-202001-1
reference_type
scores
url	https://security.archlinux.org/ASA-202001-1

reference_url

https://security.archlinux.org/AVG-1084

reference_id

AVG-1084

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1084

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-01

reference_id

mfsa2020-01

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-01

reference_url	https://usn.ubuntu.com/4234-1/
reference_id	USN-4234-1
reference_type
scores
url	https://usn.ubuntu.com/4234-1/

fixed_packages

url	pkg:apk/alpine/firefox@71.0.1-r0?arch=x86&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox@71.0.1-r0?arch=x86&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@71.0.1-r0%3Farch=x86&distroversion=v3.18&reponame=community

aliases CVE-2019-17025

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9v4g-hwwe-3ybg

url VCID-ap8s-63rs-jyff

vulnerability_id VCID-ap8s-63rs-jyff

summary If an XML file is served with a Content Security Policy and the XML file includes an XSL stylesheet, the Content Security Policy will not be applied to the contents of the XSL stylesheet. If the XSL sheet e.g. includes JavaScript, it would bypass any of the restrictions of the Content Security Policy applied to the XML document.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17020.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17020.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-17020

reference_id

reference_type

scores

value	0.00232
scoring_system	epss
scoring_elements	0.45965
published_at	2026-04-01T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.46094
published_at	2026-04-18T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.46042
published_at	2026-04-13T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.46097
published_at	2026-04-16T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.46017
published_at	2026-04-02T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.46038
published_at	2026-04-09T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.45985
published_at	2026-04-07T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.46041
published_at	2026-04-08T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.46062
published_at	2026-04-11T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.46034
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-17020

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1790800
reference_id	1790800
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1790800

reference_url	https://security.archlinux.org/ASA-202001-1
reference_id	ASA-202001-1
reference_type
scores
url	https://security.archlinux.org/ASA-202001-1

reference_url

https://security.archlinux.org/AVG-1084

reference_id

AVG-1084

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1084

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-01

reference_id

mfsa2020-01

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-01

reference_url	https://usn.ubuntu.com/4234-1/
reference_id	USN-4234-1
reference_type
scores
url	https://usn.ubuntu.com/4234-1/

fixed_packages

url	pkg:apk/alpine/firefox@71.0.1-r0?arch=x86&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox@71.0.1-r0?arch=x86&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@71.0.1-r0%3Farch=x86&distroversion=v3.18&reponame=community

aliases CVE-2019-17020

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ap8s-63rs-jyff

url VCID-c4qs-a9kw-p3hc

vulnerability_id VCID-c4qs-a9kw-p3hc

summary

Multiple vulnerabilities have been found in Mozilla Firefox, the
    worst of which may allow execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17017.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17017.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-17017

reference_id

reference_type

scores

value	0.0263
scoring_system	epss
scoring_elements	0.85712
published_at	2026-04-18T12:55:00Z

value	0.0263
scoring_system	epss
scoring_elements	0.85677
published_at	2026-04-09T12:55:00Z

value	0.0263
scoring_system	epss
scoring_elements	0.85692
published_at	2026-04-11T12:55:00Z

value	0.0263
scoring_system	epss
scoring_elements	0.85688
published_at	2026-04-12T12:55:00Z

value	0.0263
scoring_system	epss
scoring_elements	0.85684
published_at	2026-04-13T12:55:00Z

value	0.0263
scoring_system	epss
scoring_elements	0.85706
published_at	2026-04-16T12:55:00Z

value	0.0263
scoring_system	epss
scoring_elements	0.85608
published_at	2026-04-01T12:55:00Z

value	0.0263
scoring_system	epss
scoring_elements	0.85621
published_at	2026-04-02T12:55:00Z

value	0.0263
scoring_system	epss
scoring_elements	0.85639
published_at	2026-04-04T12:55:00Z

value	0.0263
scoring_system	epss
scoring_elements	0.85645
published_at	2026-04-07T12:55:00Z

value	0.0263
scoring_system	epss
scoring_elements	0.85665
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-17017

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17016
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17016

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17017
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17017

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17022
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17022

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17024
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17024

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17026
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17026

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1788724
reference_id	1788724
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1788724

reference_url	https://security.archlinux.org/ASA-202001-1
reference_id	ASA-202001-1
reference_type
scores
url	https://security.archlinux.org/ASA-202001-1

reference_url	https://security.archlinux.org/ASA-202001-4
reference_id	ASA-202001-4
reference_type
scores
url	https://security.archlinux.org/ASA-202001-4

reference_url

https://security.archlinux.org/AVG-1084

reference_id

AVG-1084

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1084

reference_url

https://security.archlinux.org/AVG-1086

reference_id

AVG-1086

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1086

reference_url	https://security.gentoo.org/glsa/202003-02
reference_id	GLSA-202003-02
reference_type
scores
url	https://security.gentoo.org/glsa/202003-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-01

reference_id

mfsa2020-01

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-01

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-02

reference_id

mfsa2020-02

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-04

reference_id

mfsa2020-04

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-04

reference_url	https://access.redhat.com/errata/RHSA-2020:0085
reference_id	RHSA-2020:0085
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0085

reference_url	https://access.redhat.com/errata/RHSA-2020:0086
reference_id	RHSA-2020:0086
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0086

reference_url	https://access.redhat.com/errata/RHSA-2020:0111
reference_id	RHSA-2020:0111
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0111

reference_url	https://access.redhat.com/errata/RHSA-2020:0120
reference_id	RHSA-2020:0120
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0120

reference_url	https://access.redhat.com/errata/RHSA-2020:0123
reference_id	RHSA-2020:0123
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0123

reference_url	https://access.redhat.com/errata/RHSA-2020:0127
reference_id	RHSA-2020:0127
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0127

reference_url	https://access.redhat.com/errata/RHSA-2020:0292
reference_id	RHSA-2020:0292
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0292

reference_url	https://access.redhat.com/errata/RHSA-2020:0295
reference_id	RHSA-2020:0295
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0295

reference_url	https://usn.ubuntu.com/4234-1/
reference_id	USN-4234-1
reference_type
scores
url	https://usn.ubuntu.com/4234-1/

reference_url	https://usn.ubuntu.com/4241-1/
reference_id	USN-4241-1
reference_type
scores
url	https://usn.ubuntu.com/4241-1/

reference_url	https://usn.ubuntu.com/4335-1/
reference_id	USN-4335-1
reference_type
scores
url	https://usn.ubuntu.com/4335-1/

fixed_packages

url	pkg:apk/alpine/firefox@71.0.1-r0?arch=x86&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox@71.0.1-r0?arch=x86&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@71.0.1-r0%3Farch=x86&distroversion=v3.18&reponame=community

aliases CVE-2019-17017

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c4qs-a9kw-p3hc

url VCID-javq-3r82-73fq

vulnerability_id VCID-javq-3r82-73fq

summary

Multiple vulnerabilities have been found in Mozilla Firefox, the
    worst of which may allow execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17022.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17022.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-17022

reference_id

reference_type

scores

value	0.04633
scoring_system	epss
scoring_elements	0.89296
published_at	2026-04-18T12:55:00Z

value	0.04633
scoring_system	epss
scoring_elements	0.89276
published_at	2026-04-08T12:55:00Z

value	0.04633
scoring_system	epss
scoring_elements	0.89281
published_at	2026-04-09T12:55:00Z

value	0.04633
scoring_system	epss
scoring_elements	0.8929
published_at	2026-04-11T12:55:00Z

value	0.04633
scoring_system	epss
scoring_elements	0.89286
published_at	2026-04-12T12:55:00Z

value	0.04633
scoring_system	epss
scoring_elements	0.89283
published_at	2026-04-13T12:55:00Z

value	0.04633
scoring_system	epss
scoring_elements	0.89236
published_at	2026-04-01T12:55:00Z

value	0.04633
scoring_system	epss
scoring_elements	0.89242
published_at	2026-04-02T12:55:00Z

value	0.04633
scoring_system	epss
scoring_elements	0.89257
published_at	2026-04-04T12:55:00Z

value	0.04633
scoring_system	epss
scoring_elements	0.89259
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-17022

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17016
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17016

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17017
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17017

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17022
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17022

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17024
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17024

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17026
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17026

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1788726
reference_id	1788726
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1788726

reference_url	https://security.archlinux.org/ASA-202001-1
reference_id	ASA-202001-1
reference_type
scores
url	https://security.archlinux.org/ASA-202001-1

reference_url	https://security.archlinux.org/ASA-202001-4
reference_id	ASA-202001-4
reference_type
scores
url	https://security.archlinux.org/ASA-202001-4

reference_url

https://security.archlinux.org/AVG-1084

reference_id

AVG-1084

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1084

reference_url

https://security.archlinux.org/AVG-1086

reference_id

AVG-1086

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1086

reference_url	https://security.gentoo.org/glsa/202003-02
reference_id	GLSA-202003-02
reference_type
scores
url	https://security.gentoo.org/glsa/202003-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-01

reference_id

mfsa2020-01

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-01

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-02

reference_id

mfsa2020-02

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-04

reference_id

mfsa2020-04

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-04

reference_url	https://access.redhat.com/errata/RHSA-2020:0085
reference_id	RHSA-2020:0085
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0085

reference_url	https://access.redhat.com/errata/RHSA-2020:0086
reference_id	RHSA-2020:0086
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0086

reference_url	https://access.redhat.com/errata/RHSA-2020:0111
reference_id	RHSA-2020:0111
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0111

reference_url	https://access.redhat.com/errata/RHSA-2020:0120
reference_id	RHSA-2020:0120
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0120

reference_url	https://access.redhat.com/errata/RHSA-2020:0123
reference_id	RHSA-2020:0123
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0123

reference_url	https://access.redhat.com/errata/RHSA-2020:0127
reference_id	RHSA-2020:0127
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0127

reference_url	https://access.redhat.com/errata/RHSA-2020:0292
reference_id	RHSA-2020:0292
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0292

reference_url	https://access.redhat.com/errata/RHSA-2020:0295
reference_id	RHSA-2020:0295
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0295

reference_url	https://usn.ubuntu.com/4234-1/
reference_id	USN-4234-1
reference_type
scores
url	https://usn.ubuntu.com/4234-1/

reference_url	https://usn.ubuntu.com/4241-1/
reference_id	USN-4241-1
reference_type
scores
url	https://usn.ubuntu.com/4241-1/

reference_url	https://usn.ubuntu.com/4335-1/
reference_id	USN-4335-1
reference_type
scores
url	https://usn.ubuntu.com/4335-1/

fixed_packages

url	pkg:apk/alpine/firefox@71.0.1-r0?arch=x86&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox@71.0.1-r0?arch=x86&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@71.0.1-r0%3Farch=x86&distroversion=v3.18&reponame=community

aliases CVE-2019-17022

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-javq-3r82-73fq

url VCID-x12h-hqf2-37cc

vulnerability_id VCID-x12h-hqf2-37cc

summary

Multiple vulnerabilities have been found in Mozilla Firefox, the
    worst of which may allow execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17016.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17016.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-17016

reference_id

reference_type

scores

value	0.03465
scoring_system	epss
scoring_elements	0.87551
published_at	2026-04-18T12:55:00Z

value	0.03465
scoring_system	epss
scoring_elements	0.87532
published_at	2026-04-09T12:55:00Z

value	0.03465
scoring_system	epss
scoring_elements	0.87544
published_at	2026-04-11T12:55:00Z

value	0.03465
scoring_system	epss
scoring_elements	0.87539
published_at	2026-04-12T12:55:00Z

value	0.03465
scoring_system	epss
scoring_elements	0.87536
published_at	2026-04-13T12:55:00Z

value	0.03465
scoring_system	epss
scoring_elements	0.8755
published_at	2026-04-16T12:55:00Z

value	0.03465
scoring_system	epss
scoring_elements	0.8748
published_at	2026-04-01T12:55:00Z

value	0.03465
scoring_system	epss
scoring_elements	0.8749
published_at	2026-04-02T12:55:00Z

value	0.03465
scoring_system	epss
scoring_elements	0.87504
published_at	2026-04-04T12:55:00Z

value	0.03465
scoring_system	epss
scoring_elements	0.87506
published_at	2026-04-07T12:55:00Z

value	0.03465
scoring_system	epss
scoring_elements	0.87525
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-17016

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17016
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17016

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17017
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17017

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17022
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17022

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17024
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17024

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17026
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17026

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1788723
reference_id	1788723
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1788723

reference_url	https://security.archlinux.org/ASA-202001-1
reference_id	ASA-202001-1
reference_type
scores
url	https://security.archlinux.org/ASA-202001-1

reference_url	https://security.archlinux.org/ASA-202001-4
reference_id	ASA-202001-4
reference_type
scores
url	https://security.archlinux.org/ASA-202001-4

reference_url

https://security.archlinux.org/AVG-1084

reference_id

AVG-1084

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1084

reference_url

https://security.archlinux.org/AVG-1086

reference_id

AVG-1086

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1086

reference_url	https://security.gentoo.org/glsa/202003-02
reference_id	GLSA-202003-02
reference_type
scores
url	https://security.gentoo.org/glsa/202003-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-01

reference_id

mfsa2020-01

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-01

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-02

reference_id

mfsa2020-02

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-04

reference_id

mfsa2020-04

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-04

reference_url	https://access.redhat.com/errata/RHSA-2020:0085
reference_id	RHSA-2020:0085
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0085

reference_url	https://access.redhat.com/errata/RHSA-2020:0086
reference_id	RHSA-2020:0086
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0086

reference_url	https://access.redhat.com/errata/RHSA-2020:0111
reference_id	RHSA-2020:0111
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0111

reference_url	https://access.redhat.com/errata/RHSA-2020:0120
reference_id	RHSA-2020:0120
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0120

reference_url	https://access.redhat.com/errata/RHSA-2020:0123
reference_id	RHSA-2020:0123
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0123

reference_url	https://access.redhat.com/errata/RHSA-2020:0127
reference_id	RHSA-2020:0127
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0127

reference_url	https://access.redhat.com/errata/RHSA-2020:0292
reference_id	RHSA-2020:0292
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0292

reference_url	https://access.redhat.com/errata/RHSA-2020:0295
reference_id	RHSA-2020:0295
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0295

reference_url	https://usn.ubuntu.com/4234-1/
reference_id	USN-4234-1
reference_type
scores
url	https://usn.ubuntu.com/4234-1/

reference_url	https://usn.ubuntu.com/4241-1/
reference_id	USN-4241-1
reference_type
scores
url	https://usn.ubuntu.com/4241-1/

reference_url	https://usn.ubuntu.com/4335-1/
reference_id	USN-4335-1
reference_type
scores
url	https://usn.ubuntu.com/4335-1/

fixed_packages

url	pkg:apk/alpine/firefox@71.0.1-r0?arch=x86&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox@71.0.1-r0?arch=x86&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@71.0.1-r0%3Farch=x86&distroversion=v3.18&reponame=community

aliases CVE-2019-17016

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x12h-hqf2-37cc

url VCID-zbpq-qcww-6yg1

vulnerability_id VCID-zbpq-qcww-6yg1

summary

Multiple vulnerabilities have been found in Mozilla Firefox, the
    worst of which may allow execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17026.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17026.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-17026

reference_id

reference_type

scores

value	0.5907
scoring_system	epss
scoring_elements	0.98235
published_at	2026-04-18T12:55:00Z

value	0.5907
scoring_system	epss
scoring_elements	0.98233
published_at	2026-04-16T12:55:00Z

value	0.64805
scoring_system	epss
scoring_elements	0.98457
published_at	2026-04-07T12:55:00Z

value	0.64805
scoring_system	epss
scoring_elements	0.98453
published_at	2026-04-02T12:55:00Z

value	0.64805
scoring_system	epss
scoring_elements	0.98451
published_at	2026-04-01T12:55:00Z

value	0.64805
scoring_system	epss
scoring_elements	0.98464
published_at	2026-04-12T12:55:00Z

value	0.64805
scoring_system	epss
scoring_elements	0.98465
published_at	2026-04-13T12:55:00Z

value	0.64805
scoring_system	epss
scoring_elements	0.98462
published_at	2026-04-09T12:55:00Z

value	0.64805
scoring_system	epss
scoring_elements	0.98461
published_at	2026-04-08T12:55:00Z

value	0.64805
scoring_system	epss
scoring_elements	0.98456
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-17026

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17016
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17016

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17017
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17017

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17022
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17022

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17024
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17024

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17026
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17026

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1789214
reference_id	1789214
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1789214

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948452
reference_id	948452
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948452

reference_url	https://security.archlinux.org/ASA-202001-3
reference_id	ASA-202001-3
reference_type
scores
url	https://security.archlinux.org/ASA-202001-3

reference_url	https://security.archlinux.org/ASA-202001-4
reference_id	ASA-202001-4
reference_type
scores
url	https://security.archlinux.org/ASA-202001-4

reference_url

https://security.archlinux.org/AVG-1085

reference_id

AVG-1085

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1085

reference_url

https://security.archlinux.org/AVG-1086

reference_id

AVG-1086

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1086

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows_x86-64/local/49864.js
reference_id	CVE-2019-17026
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows_x86-64/local/49864.js

reference_url

http://packetstormsecurity.com/files/162568/Firefox-72-IonMonkey-JIT-Type-Confusion.html

reference_id

Firefox-72-IonMonkey-JIT-Type-Confusion.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T12:48:51Z/

url

http://packetstormsecurity.com/files/162568/Firefox-72-IonMonkey-JIT-Type-Confusion.html

reference_url

https://security.gentoo.org/glsa/202003-02

reference_id

GLSA-202003-02

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T12:48:51Z/

url

https://security.gentoo.org/glsa/202003-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-03

reference_id

mfsa2020-03

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-03

reference_url

https://www.mozilla.org/security/advisories/mfsa2020-03/

reference_id

mfsa2020-03

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T12:48:51Z/

url

https://www.mozilla.org/security/advisories/mfsa2020-03/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-04

reference_id

mfsa2020-04

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-04

reference_url

https://www.mozilla.org/security/advisories/mfsa2020-04/

reference_id

mfsa2020-04

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T12:48:51Z/

url

https://www.mozilla.org/security/advisories/mfsa2020-04/

reference_url	https://access.redhat.com/errata/RHSA-2020:0085
reference_id	RHSA-2020:0085
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0085

reference_url	https://access.redhat.com/errata/RHSA-2020:0086
reference_id	RHSA-2020:0086
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0086

reference_url	https://access.redhat.com/errata/RHSA-2020:0111
reference_id	RHSA-2020:0111
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0111

reference_url	https://access.redhat.com/errata/RHSA-2020:0120
reference_id	RHSA-2020:0120
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0120

reference_url	https://access.redhat.com/errata/RHSA-2020:0123
reference_id	RHSA-2020:0123
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0123

reference_url	https://access.redhat.com/errata/RHSA-2020:0127
reference_id	RHSA-2020:0127
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0127

reference_url	https://access.redhat.com/errata/RHSA-2020:0292
reference_id	RHSA-2020:0292
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0292

reference_url	https://access.redhat.com/errata/RHSA-2020:0295
reference_id	RHSA-2020:0295
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0295

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1607443

reference_id

show_bug.cgi?id=1607443

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T12:48:51Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1607443

reference_url	https://usn.ubuntu.com/4234-1/
reference_id	USN-4234-1
reference_type
scores
url	https://usn.ubuntu.com/4234-1/

reference_url	https://usn.ubuntu.com/4241-1/
reference_id	USN-4241-1
reference_type
scores
url	https://usn.ubuntu.com/4241-1/

reference_url

https://usn.ubuntu.com/4335-1/

reference_id

USN-4335-1

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T12:48:51Z/

url

https://usn.ubuntu.com/4335-1/

fixed_packages

url	pkg:apk/alpine/firefox@71.0.1-r0?arch=x86&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox@71.0.1-r0?arch=x86&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@71.0.1-r0%3Farch=x86&distroversion=v3.18&reponame=community

aliases CVE-2019-17026

risk_score 10.0

exploitability 2.0

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zbpq-qcww-6yg1

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@71.0.1-r0%3Farch=x86&distroversion=v3.18&reponame=community

Package Instance