Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/511632?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "type": "deb", "namespace": "debian", "name": "firefox-esr", "version": "140.10.2esr-1~deb12u1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "140.11.0esr-1~deb12u1", "latest_non_vulnerable_version": "140.11.0esr-1~deb12u1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/367?format=api", "vulnerability_id": "VCID-11ng-ds1t-ybdy", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8946.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8946.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8946", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15758", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8946" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479849", "reference_id": "2479849", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479849" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-46/", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:09:24Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-47", "reference_id": "mfsa2026-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-47" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-47/", "reference_id": "mfsa2026-47", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:09:24Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-47/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-48/", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:09:24Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-48/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-50/", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:09:24Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-50/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-51/", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:09:24Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-51/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21378", "reference_id": "RHSA-2026:21378", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21380", "reference_id": "RHSA-2026:21380", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21380" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21381", "reference_id": "RHSA-2026:21381", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21381" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21382", "reference_id": "RHSA-2026:21382", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21382" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22325", "reference_id": "RHSA-2026:22325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22643", "reference_id": "RHSA-2026:22643", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22643" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2029070", "reference_id": "show_bug.cgi?id=2029070", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:09:24Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2029070" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511634?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1" } ], "aliases": [ "CVE-2026-8946" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-11ng-ds1t-ybdy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/371?format=api", "vulnerability_id": "VCID-1sgn-41vs-efcy", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8401.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8401.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8401", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24553", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8401" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2476492", "reference_id": "2476492", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2476492" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-45", "reference_id": "mfsa2026-45", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-45" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-45/", "reference_id": "mfsa2026-45", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-14T16:46:22Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-45/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-47", "reference_id": "mfsa2026-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-47" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-47/", "reference_id": "mfsa2026-47", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-14T16:46:22Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-47/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-48/", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-14T16:46:22Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-48/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-51/", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-14T16:46:22Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-51/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21378", "reference_id": "RHSA-2026:21378", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21380", "reference_id": "RHSA-2026:21380", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21380" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21381", "reference_id": "RHSA-2026:21381", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21381" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21382", "reference_id": "RHSA-2026:21382", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21382" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22325", "reference_id": "RHSA-2026:22325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22643", "reference_id": "RHSA-2026:22643", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22643" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2038679", "reference_id": "show_bug.cgi?id=2038679", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-14T16:46:22Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2038679" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511634?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1" } ], "aliases": [ "CVE-2026-8401" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1sgn-41vs-efcy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/385?format=api", "vulnerability_id": "VCID-5fc5-xu9y-ekca", "summary": "Memory safety bugs present in Thunderbird 140.10 and Thunderbird 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8974.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8974.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8974", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.14366", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8974" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479855", "reference_id": "2479855", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479855" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-46/", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-48/", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-48/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-50/", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-50/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-51/", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-51/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21378", "reference_id": "RHSA-2026:21378", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21380", "reference_id": "RHSA-2026:21380", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21380" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21381", "reference_id": "RHSA-2026:21381", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21381" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21382", "reference_id": "RHSA-2026:21382", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21382" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22325", "reference_id": "RHSA-2026:22325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22643", "reference_id": "RHSA-2026:22643", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22643" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511634?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1" } ], "aliases": [ "CVE-2026-8974" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5fc5-xu9y-ekca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/373?format=api", "vulnerability_id": "VCID-5h7s-sfrz-eye3", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8950.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8950.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8950", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.05099", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8950" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479853", "reference_id": "2479853", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479853" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-46/", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:47:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-48/", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:47:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-48/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-50/", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:47:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-50/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-51/", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:47:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-51/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21378", "reference_id": "RHSA-2026:21378", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21380", "reference_id": "RHSA-2026:21380", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21380" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21381", "reference_id": "RHSA-2026:21381", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21381" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21382", "reference_id": "RHSA-2026:21382", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21382" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22325", "reference_id": "RHSA-2026:22325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22643", "reference_id": "RHSA-2026:22643", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22643" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1965430", "reference_id": "show_bug.cgi?id=1965430", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:47:45Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1965430" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511634?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1" } ], "aliases": [ "CVE-2026-8950" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5h7s-sfrz-eye3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/375?format=api", "vulnerability_id": "VCID-e6ek-fjxf-subv", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8954.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8954.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8954", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.14079", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8954" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479847", "reference_id": "2479847", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479847" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-46/", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:15:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-48/", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:15:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-48/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-50/", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:15:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-50/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-51/", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:15:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-51/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21378", "reference_id": "RHSA-2026:21378", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21380", "reference_id": "RHSA-2026:21380", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21380" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21381", "reference_id": "RHSA-2026:21381", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21381" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21382", "reference_id": "RHSA-2026:21382", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21382" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22325", "reference_id": "RHSA-2026:22325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22643", "reference_id": "RHSA-2026:22643", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22643" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2030747", "reference_id": "show_bug.cgi?id=2030747", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:15:45Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2030747" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511634?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1" } ], "aliases": [ "CVE-2026-8954" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e6ek-fjxf-subv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/379?format=api", "vulnerability_id": "VCID-fbuu-t3mf-cfeg", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8958.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8958.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8958", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18363", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8958" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479848", "reference_id": "2479848", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479848" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-46/", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:03:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-48/", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:03:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-48/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-50/", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:03:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-50/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-51/", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:03:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-51/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21378", "reference_id": "RHSA-2026:21378", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21380", "reference_id": "RHSA-2026:21380", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21380" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21381", "reference_id": "RHSA-2026:21381", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21381" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21382", "reference_id": "RHSA-2026:21382", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21382" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22325", "reference_id": "RHSA-2026:22325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22643", "reference_id": "RHSA-2026:22643", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22643" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2034713", "reference_id": "show_bug.cgi?id=2034713", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T15:03:48Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2034713" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511634?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1" } ], "aliases": [ "CVE-2026-8958" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fbuu-t3mf-cfeg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/369?format=api", "vulnerability_id": "VCID-fhmv-bse8-abaw", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8947.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8947.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8947", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20308", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8947" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479873", "reference_id": "2479873", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479873" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-46/", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:14:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-47", "reference_id": "mfsa2026-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-47" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-47/", "reference_id": "mfsa2026-47", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:14:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-47/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-48/", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:14:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-48/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-50/", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:14:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-50/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-51/", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:14:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-51/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21378", "reference_id": "RHSA-2026:21378", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21380", "reference_id": "RHSA-2026:21380", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21380" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21381", "reference_id": "RHSA-2026:21381", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21381" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21382", "reference_id": "RHSA-2026:21382", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21382" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22325", "reference_id": "RHSA-2026:22325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22643", "reference_id": "RHSA-2026:22643", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22643" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2038439", "reference_id": "show_bug.cgi?id=2038439", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:14:49Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2038439" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511634?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1" } ], "aliases": [ "CVE-2026-8947" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fhmv-bse8-abaw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/376?format=api", "vulnerability_id": "VCID-g339-cuzq-ffh1", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8955.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8955.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8955", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13908", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8955" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8955", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8955" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479842", "reference_id": "2479842", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479842" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-46/", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-48/", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-48/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-50/", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-50/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-51/", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-51/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21378", "reference_id": "RHSA-2026:21378", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21380", "reference_id": "RHSA-2026:21380", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21380" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21381", "reference_id": "RHSA-2026:21381", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21381" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21382", "reference_id": "RHSA-2026:21382", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21382" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22325", "reference_id": "RHSA-2026:22325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22643", "reference_id": "RHSA-2026:22643", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22643" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2031064", "reference_id": "show_bug.cgi?id=2031064", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:27Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2031064" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511634?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1" } ], "aliases": [ "CVE-2026-8955" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g339-cuzq-ffh1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1090?format=api", "vulnerability_id": "VCID-ghpk-c1e6-pkae", "summary": "Specific handling of an attacker-controlled VP8 media stream could lead to a heap buffer overflow in the content process. We are aware of this issue being exploited in other products in the wild.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5217.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5217.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5217", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04976", "scoring_system": "epss", "scoring_elements": "0.89878", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5217" }, { "reference_url": "https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software" }, { "reference_url": "https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241191", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241191" }, { "reference_url": "https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html" }, { "reference_url": "https://crbug.com/1486441", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://crbug.com/1486441" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5186", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5186" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5187", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5187" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Oct/12", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Oct/12" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Oct/16", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Oct/16" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/electron/electron", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/electron/electron" }, { "reference_url": "https://github.com/electron/electron/pull/40022", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/electron/electron/pull/40022" }, { "reference_url": "https://github.com/electron/electron/pull/40023", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/electron/electron/pull/40023" }, { "reference_url": "https://github.com/electron/electron/pull/40024", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/electron/electron/pull/40024" }, { "reference_url": "https://github.com/electron/electron/pull/40025", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/electron/electron/pull/40025" }, { "reference_url": "https://github.com/electron/electron/pull/40026", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/electron/electron/pull/40026" }, { "reference_url": "https://github.com/electron/electron/releases/tag/v22.3.25", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/electron/electron/releases/tag/v22.3.25" }, { "reference_url": "https://github.com/electron/electron/releases/tag/v24.8.5", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/electron/electron/releases/tag/v24.8.5" }, { "reference_url": "https://github.com/electron/electron/releases/tag/v25.8.4", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/electron/electron/releases/tag/v25.8.4" }, { "reference_url": "https://github.com/electron/electron/releases/tag/v26.2.4", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/electron/electron/releases/tag/v26.2.4" }, { "reference_url": "https://github.com/electron/electron/releases/tag/v27.0.0-beta.8", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/electron/electron/releases/tag/v27.0.0-beta.8" }, { "reference_url": "https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590" }, { "reference_url": "https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282" }, { "reference_url": "https://github.com/webmproject/libvpx/releases/tag/v1.13.1", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://github.com/webmproject/libvpx/releases/tag/v1.13.1" }, { "reference_url": "https://github.com/webmproject/libvpx/tags", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://github.com/webmproject/libvpx/tags" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/" }, { "reference_url": "https://pastebin.com/TdkC4pDv", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://pastebin.com/TdkC4pDv" }, { "reference_url": "https://security.gentoo.org/glsa/202310-04", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://security.gentoo.org/glsa/202310-04" }, { "reference_url": "https://security.gentoo.org/glsa/202401-34", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://security.gentoo.org/glsa/202401-34" }, { "reference_url": "https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217" }, { "reference_url": "https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/" }, { "reference_url": "https://support.apple.com/kb/HT213961", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://support.apple.com/kb/HT213961" }, { "reference_url": "https://support.apple.com/kb/HT213972", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://support.apple.com/kb/HT213972" }, { "reference_url": "https://twitter.com/maddiestone/status/1707163313711497266", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://twitter.com/maddiestone/status/1707163313711497266" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5508", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5508" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5509", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5509" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5510", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5510" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2023/09/28/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://www.openwall.com/lists/oss-security/2023/09/28/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/09/28/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/09/28/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/09/28/6", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/09/28/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/09/29/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/09/29/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/09/29/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/09/29/11" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/09/29/12", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/09/29/12" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/09/29/14", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/09/29/14" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/09/29/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/09/29/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/09/29/7", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/09/29/7" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/09/29/9", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/09/29/9" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/09/30/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/09/30/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/09/30/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/09/30/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/09/30/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/09/30/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/09/30/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/09/30/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/09/30/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/09/30/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/01/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/01/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/01/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/01/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/01/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/01/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/02/6", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/02/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/03/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/03/11" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053182", "reference_id": "1053182", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053182" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/", "reference_id": "AY642Z6JZODQJE7Z62CFREVUHEGCXGPD", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5217", "reference_id": "CVE-2023-5217", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5217" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2023-5217", "reference_id": "CVE-2023-5217", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://security-tracker.debian.org/tracker/CVE-2023-5217" }, { "reference_url": "https://github.com/advisories/GHSA-qqvq-6xgj-jw8g", "reference_id": "GHSA-qqvq-6xgj-jw8g", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-qqvq-6xgj-jw8g" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-44", "reference_id": "mfsa2023-44", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-44" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5426", "reference_id": "RHSA-2023:5426", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5426" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5427", "reference_id": "RHSA-2023:5427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5428", "reference_id": "RHSA-2023:5428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5429", "reference_id": "RHSA-2023:5429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5430", "reference_id": "RHSA-2023:5430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5432", "reference_id": "RHSA-2023:5432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5432" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5433", "reference_id": "RHSA-2023:5433", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5433" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5434", "reference_id": "RHSA-2023:5434", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5434" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5435", "reference_id": "RHSA-2023:5435", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5435" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5436", "reference_id": "RHSA-2023:5436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5437", "reference_id": "RHSA-2023:5437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5437" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5438", "reference_id": "RHSA-2023:5438", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5438" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5439", "reference_id": "RHSA-2023:5439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5440", "reference_id": "RHSA-2023:5440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5475", "reference_id": "RHSA-2023:5475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5477", "reference_id": "RHSA-2023:5477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5534", "reference_id": "RHSA-2023:5534", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5534" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5535", "reference_id": "RHSA-2023:5535", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5535" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5536", "reference_id": "RHSA-2023:5536", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5536" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5537", "reference_id": "RHSA-2023:5537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5538", "reference_id": "RHSA-2023:5538", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5538" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5539", "reference_id": "RHSA-2023:5539", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5539" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5540", "reference_id": "RHSA-2023:5540", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5540" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/", "reference_id": "TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/" }, { "reference_url": "https://usn.ubuntu.com/6403-1/", "reference_id": "USN-6403-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6403-1/" }, { "reference_url": "https://usn.ubuntu.com/6403-2/", "reference_id": "USN-6403-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6403-2/" }, { "reference_url": "https://usn.ubuntu.com/6403-3/", "reference_id": "USN-6403-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6403-3/" }, { "reference_url": "https://usn.ubuntu.com/6404-1/", "reference_id": "USN-6404-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6404-1/" }, { "reference_url": "https://usn.ubuntu.com/6405-1/", "reference_id": "USN-6405-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6405-1/" }, { "reference_url": "https://usn.ubuntu.com/7172-1/", "reference_id": "USN-7172-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7172-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511634?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1" } ], "aliases": [ "CVE-2023-5217", "GHSA-qqvq-6xgj-jw8g" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ghpk-c1e6-pkae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/368?format=api", "vulnerability_id": "VCID-hjh5-utas-ekb9", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8388.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8388.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8388", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.1357", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8388" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8388", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8388" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2476469", "reference_id": "2476469", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2476469" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-45", "reference_id": "mfsa2026-45", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-45" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-45/", "reference_id": "mfsa2026-45", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-12T18:28:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-45/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-47", "reference_id": "mfsa2026-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-47" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-47/", "reference_id": "mfsa2026-47", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-12T18:28:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-47/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-48/", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-12T18:28:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-48/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-51/", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-12T18:28:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-51/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21378", "reference_id": "RHSA-2026:21378", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21380", "reference_id": "RHSA-2026:21380", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21380" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21381", "reference_id": "RHSA-2026:21381", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21381" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21382", "reference_id": "RHSA-2026:21382", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21382" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22325", "reference_id": "RHSA-2026:22325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22643", "reference_id": "RHSA-2026:22643", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22643" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2036978", "reference_id": "show_bug.cgi?id=2036978", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-12T18:28:57Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2036978" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511634?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1" } ], "aliases": [ "CVE-2026-8388" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hjh5-utas-ekb9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/377?format=api", "vulnerability_id": "VCID-rne7-tu7d-v7e9", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8956.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8956.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8956", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20105", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8956" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8956", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8956" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479839", "reference_id": "2479839", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479839" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-46/", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:37:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-48/", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:37:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-48/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-50/", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:37:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-50/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-51/", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:37:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-51/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21378", "reference_id": "RHSA-2026:21378", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21380", "reference_id": "RHSA-2026:21380", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21380" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21381", "reference_id": "RHSA-2026:21381", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21381" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21382", "reference_id": "RHSA-2026:21382", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21382" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22325", "reference_id": "RHSA-2026:22325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22643", "reference_id": "RHSA-2026:22643", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22643" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2032427", "reference_id": "show_bug.cgi?id=2032427", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:37:45Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2032427" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511634?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1" } ], "aliases": [ "CVE-2026-8956" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rne7-tu7d-v7e9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/384?format=api", "vulnerability_id": "VCID-tqws-w9ga-gqew", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8970.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8970.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8970", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13908", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8970" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8970", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8970" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479852", "reference_id": "2479852", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479852" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-46/", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-48/", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-48/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-50/", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-50/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-51/", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-51/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21378", "reference_id": "RHSA-2026:21378", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21380", "reference_id": "RHSA-2026:21380", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21380" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21381", "reference_id": "RHSA-2026:21381", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21381" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21382", "reference_id": "RHSA-2026:21382", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21382" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22325", "reference_id": "RHSA-2026:22325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22643", "reference_id": "RHSA-2026:22643", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22643" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2032174", "reference_id": "show_bug.cgi?id=2032174", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:30Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2032174" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511634?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1" } ], "aliases": [ "CVE-2026-8970" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tqws-w9ga-gqew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/386?format=api", "vulnerability_id": "VCID-tuxm-fxt8-vbee", "summary": "Memory safety bugs present in Thunderbird 140.10 and Thunderbird 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8975.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8975.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8975", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14686", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8975" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479840", "reference_id": "2479840", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479840" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1860195%2C2029325%2C2029429%2C2029910%2C2035915%2C2038678%2C2038669", "reference_id": "buglist.cgi?bug_id=1860195%2C2029325%2C2029429%2C2029910%2C2035915%2C2038678%2C2038669", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:35Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1860195%2C2029325%2C2029429%2C2029910%2C2035915%2C2038678%2C2038669" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-46/", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:35Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-47", "reference_id": "mfsa2026-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-47" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-47/", "reference_id": "mfsa2026-47", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:35Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-47/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-48/", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:35Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-48/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-50/", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:35Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-50/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-51/", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:35Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-51/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21378", "reference_id": "RHSA-2026:21378", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21380", "reference_id": "RHSA-2026:21380", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21380" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21381", "reference_id": "RHSA-2026:21381", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21381" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21382", "reference_id": "RHSA-2026:21382", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21382" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22325", "reference_id": "RHSA-2026:22325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22643", "reference_id": "RHSA-2026:22643", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22643" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511634?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1" } ], "aliases": [ "CVE-2026-8975" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tuxm-fxt8-vbee" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/374?format=api", "vulnerability_id": "VCID-tzqv-xgdb-efa1", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8953.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8953.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8953", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14686", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8953" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8953", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8953" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479860", "reference_id": "2479860", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479860" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-46/", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:02:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-47", "reference_id": "mfsa2026-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-47" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-47/", "reference_id": "mfsa2026-47", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:02:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-47/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-48/", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:02:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-48/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-50/", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:02:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-50/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-51/", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:02:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-51/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21378", "reference_id": "RHSA-2026:21378", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21380", "reference_id": "RHSA-2026:21380", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21380" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21381", "reference_id": "RHSA-2026:21381", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21381" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21382", "reference_id": "RHSA-2026:21382", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21382" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22325", "reference_id": "RHSA-2026:22325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22643", "reference_id": "RHSA-2026:22643", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22643" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2029511", "reference_id": "show_bug.cgi?id=2029511", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:02:27Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2029511" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511634?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1" } ], "aliases": [ "CVE-2026-8953" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tzqv-xgdb-efa1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/378?format=api", "vulnerability_id": "VCID-uncq-bg36-3yfe", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8957.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8957.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8957", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13908", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8957" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479880", "reference_id": "2479880", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479880" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-46/", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-48/", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-48/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-50/", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-50/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-51/", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-51/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21378", "reference_id": "RHSA-2026:21378", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21380", "reference_id": "RHSA-2026:21380", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21380" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21381", "reference_id": "RHSA-2026:21381", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21381" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21382", "reference_id": "RHSA-2026:21382", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21382" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22325", "reference_id": "RHSA-2026:22325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22643", "reference_id": "RHSA-2026:22643", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22643" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2033850", "reference_id": "show_bug.cgi?id=2033850", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T03:55:29Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2033850" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511634?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1" } ], "aliases": [ "CVE-2026-8957" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uncq-bg36-3yfe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/382?format=api", "vulnerability_id": "VCID-vseb-hh7u-1fc5", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8962.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8962.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8962", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.15221", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8962" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8962", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8962" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479876", "reference_id": "2479876", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479876" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-46/", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T15:12:43Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-48/", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T15:12:43Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-48/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-50/", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T15:12:43Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-50/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-51/", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T15:12:43Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-51/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21378", "reference_id": "RHSA-2026:21378", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21380", "reference_id": "RHSA-2026:21380", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21380" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21381", "reference_id": "RHSA-2026:21381", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21381" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21382", "reference_id": "RHSA-2026:21382", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21382" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22325", "reference_id": "RHSA-2026:22325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22643", "reference_id": "RHSA-2026:22643", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22643" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2004804", "reference_id": "show_bug.cgi?id=2004804", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T15:12:43Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2004804" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511634?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1" } ], "aliases": [ "CVE-2026-8962" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vseb-hh7u-1fc5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/370?format=api", "vulnerability_id": "VCID-w8ts-g59t-z3d7", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8391.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8391.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8391", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28853", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8391" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2476475", "reference_id": "2476475", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2476475" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-45", "reference_id": "mfsa2026-45", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-45" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-45/", "reference_id": "mfsa2026-45", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:47:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-45/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-47", "reference_id": "mfsa2026-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-47" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-47/", "reference_id": "mfsa2026-47", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:47:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-47/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-48/", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:47:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-48/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-51/", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:47:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-51/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21378", "reference_id": "RHSA-2026:21378", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21380", "reference_id": "RHSA-2026:21380", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21380" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21381", "reference_id": "RHSA-2026:21381", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21381" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21382", "reference_id": "RHSA-2026:21382", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21382" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22325", "reference_id": "RHSA-2026:22325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22643", "reference_id": "RHSA-2026:22643", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22643" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2038575", "reference_id": "show_bug.cgi?id=2038575", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:47:19Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2038575" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511634?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1" } ], "aliases": [ "CVE-2026-8391" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w8ts-g59t-z3d7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/381?format=api", "vulnerability_id": "VCID-z1zg-s87s-fkdu", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8961.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8961.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8961", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.1059", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8961" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479871", "reference_id": "2479871", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479871" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-46/", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-20T15:11:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-48/", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-20T15:11:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-48/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-50/", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-20T15:11:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-50/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-51/", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-20T15:11:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-51/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21378", "reference_id": "RHSA-2026:21378", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21380", "reference_id": "RHSA-2026:21380", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21380" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21381", "reference_id": "RHSA-2026:21381", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21381" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21382", "reference_id": "RHSA-2026:21382", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21382" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22325", "reference_id": "RHSA-2026:22325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22643", "reference_id": "RHSA-2026:22643", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22643" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1962625", "reference_id": "show_bug.cgi?id=1962625", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-20T15:11:37Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1962625" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511634?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1" } ], "aliases": [ "CVE-2026-8961" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z1zg-s87s-fkdu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/383?format=api", "vulnerability_id": "VCID-z8mw-3stk-vbdg", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8968.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8968.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8968", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19523", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8968" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479846", "reference_id": "2479846", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2479846" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-46/", "reference_id": "mfsa2026-46", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:23:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-48" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-48/", "reference_id": "mfsa2026-48", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:23:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-48/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-50" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-50/", "reference_id": "mfsa2026-50", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:23:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-50/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-51" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-51/", "reference_id": "mfsa2026-51", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:23:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-51/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21378", "reference_id": "RHSA-2026:21378", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21380", "reference_id": "RHSA-2026:21380", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21380" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21381", "reference_id": "RHSA-2026:21381", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21381" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21382", "reference_id": "RHSA-2026:21382", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21382" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22325", "reference_id": "RHSA-2026:22325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22643", "reference_id": "RHSA-2026:22643", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22643" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2030467", "reference_id": "show_bug.cgi?id=2030467", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:23:50Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2030467" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511634?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1~deb12u1" } ], "aliases": [ "CVE-2026-8968" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z8mw-3stk-vbdg" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/352?format=api", "vulnerability_id": "VCID-1a91-6a49-mkcr", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2782.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2782.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2782", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18711", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2782" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2782", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2782" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442331", "reference_id": "2442331", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442331" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2010743", "reference_id": "show_bug.cgi?id=2010743", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:58Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2010743" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2782" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1a91-6a49-mkcr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/771?format=api", "vulnerability_id": "VCID-1abm-abmd-fqe9", "summary": "The JavaScript engine did not handle closed generators correctly and it was possible to resume them leading to a nullptr deref.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8033.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8033.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8033", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66716", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8033" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8033", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8033" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2382717", "reference_id": "2382717", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2382717" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-56", "reference_id": "mfsa2025-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-56/", "reference_id": "mfsa2025-56", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:36:06Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-56/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-57", "reference_id": "mfsa2025-57", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-57" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-57/", "reference_id": "mfsa2025-57", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:36:06Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-57/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-58", "reference_id": "mfsa2025-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-58" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-58/", "reference_id": "mfsa2025-58", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:36:06Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-58/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-59", "reference_id": "mfsa2025-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-59/", "reference_id": "mfsa2025-59", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:36:06Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-59/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-61", "reference_id": "mfsa2025-61", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-61" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-61/", "reference_id": "mfsa2025-61", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:36:06Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-61/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-62", "reference_id": "mfsa2025-62", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-62" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-62/", "reference_id": "mfsa2025-62", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:36:06Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-62/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-63", "reference_id": "mfsa2025-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-63/", "reference_id": "mfsa2025-63", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:36:06Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-63/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11747", "reference_id": "RHSA-2025:11747", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11747" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11748", "reference_id": "RHSA-2025:11748", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11748" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11797", "reference_id": "RHSA-2025:11797", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11797" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12044", "reference_id": "RHSA-2025:12044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12045", "reference_id": "RHSA-2025:12045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12046", "reference_id": "RHSA-2025:12046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12187", "reference_id": "RHSA-2025:12187", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12187" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12188", "reference_id": "RHSA-2025:12188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12278", "reference_id": "RHSA-2025:12278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12302", "reference_id": "RHSA-2025:12302", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12302" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12353", "reference_id": "RHSA-2025:12353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12360", "reference_id": "RHSA-2025:12360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12361", "reference_id": "RHSA-2025:12361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13645", "reference_id": "RHSA-2025:13645", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13645" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13646", "reference_id": "RHSA-2025:13646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13647", "reference_id": "RHSA-2025:13647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13648", "reference_id": "RHSA-2025:13648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13649", "reference_id": "RHSA-2025:13649", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13649" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13650", "reference_id": "RHSA-2025:13650", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13650" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13651", "reference_id": "RHSA-2025:13651", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13651" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13676", "reference_id": "RHSA-2025:13676", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13676" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1973990", "reference_id": "show_bug.cgi?id=1973990", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:36:06Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1973990" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-8033" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1abm-abmd-fqe9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/698?format=api", "vulnerability_id": "VCID-1e6u-mg34-z7dt", "summary": "An attacker could have caused a use-after-free via the Custom Highlight API, leading to a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1010.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1010.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1010", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57274", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1010" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343750", "reference_id": "2343750", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343750" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-07", "reference_id": "mfsa2025-07", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-07/", "reference_id": "mfsa2025-07", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T18:47:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-07/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-08", "reference_id": "mfsa2025-08", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-08" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-08/", "reference_id": "mfsa2025-08", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T18:47:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-08/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-09", "reference_id": "mfsa2025-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-09/", "reference_id": "mfsa2025-09", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T18:47:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-09/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-10", "reference_id": "mfsa2025-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-10/", "reference_id": "mfsa2025-10", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T18:47:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-10/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-11", "reference_id": "mfsa2025-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-11/", "reference_id": "mfsa2025-11", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T18:47:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-11/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1066", "reference_id": "RHSA-2025:1066", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1066" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1132", "reference_id": "RHSA-2025:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1133", "reference_id": "RHSA-2025:1133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1135", "reference_id": "RHSA-2025:1135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1136", "reference_id": "RHSA-2025:1136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1137", "reference_id": "RHSA-2025:1137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1138", "reference_id": "RHSA-2025:1138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1139", "reference_id": "RHSA-2025:1139", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1139" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1140", "reference_id": "RHSA-2025:1140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1184", "reference_id": "RHSA-2025:1184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1283", "reference_id": "RHSA-2025:1283", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1283" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1292", "reference_id": "RHSA-2025:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1317", "reference_id": "RHSA-2025:1317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1318", "reference_id": "RHSA-2025:1318", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1318" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1319", "reference_id": "RHSA-2025:1319", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1319" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1339", "reference_id": "RHSA-2025:1339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1340", "reference_id": "RHSA-2025:1340", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1340" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1341", "reference_id": "RHSA-2025:1341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1348", "reference_id": "RHSA-2025:1348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1348" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1936982", "reference_id": "show_bug.cgi?id=1936982", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T18:47:57Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1936982" }, { "reference_url": "https://usn.ubuntu.com/7263-1/", "reference_id": "USN-7263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7263-1/" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-1010" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1e6u-mg34-z7dt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/712?format=api", "vulnerability_id": "VCID-1gu2-rmpc-kbcy", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10533.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10533.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10533", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33255", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10533" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395766", "reference_id": "2395766", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395766" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-73", "reference_id": "mfsa2025-73", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-73" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-73/", "reference_id": "mfsa2025-73", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-16T13:44:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-73/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-74", "reference_id": "mfsa2025-74", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-74" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-74/", "reference_id": "mfsa2025-74", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-16T13:44:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-74/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-75", "reference_id": "mfsa2025-75", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-75" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-75/", "reference_id": "mfsa2025-75", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-16T13:44:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-75/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-77", "reference_id": "mfsa2025-77", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-77" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-77/", "reference_id": "mfsa2025-77", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-16T13:44:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-77/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-78", "reference_id": "mfsa2025-78", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-78" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-78/", "reference_id": "mfsa2025-78", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-16T13:44:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-78/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16108", "reference_id": "RHSA-2025:16108", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16108" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16109", "reference_id": "RHSA-2025:16109", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16109" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16156", "reference_id": "RHSA-2025:16156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16157", "reference_id": "RHSA-2025:16157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16260", "reference_id": "RHSA-2025:16260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16589", "reference_id": "RHSA-2025:16589", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16589" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17340", "reference_id": "RHSA-2025:17340", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17340" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17341", "reference_id": "RHSA-2025:17341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17342", "reference_id": "RHSA-2025:17342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17343", "reference_id": "RHSA-2025:17343", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17343" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17344", "reference_id": "RHSA-2025:17344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17345", "reference_id": "RHSA-2025:17345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17345" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17346", "reference_id": "RHSA-2025:17346", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17367", "reference_id": "RHSA-2025:17367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17368", "reference_id": "RHSA-2025:17368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17371", "reference_id": "RHSA-2025:17371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17372", "reference_id": "RHSA-2025:17372", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17372" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17373", "reference_id": "RHSA-2025:17373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17374", "reference_id": "RHSA-2025:17374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17378", "reference_id": "RHSA-2025:17378", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17453", "reference_id": "RHSA-2025:17453", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17453" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1980788", "reference_id": "show_bug.cgi?id=1980788", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-16T13:44:57Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1980788" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-10533" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1gu2-rmpc-kbcy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/800?format=api", "vulnerability_id": "VCID-1hp8-m7d3-rqeu", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14331.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14331.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14331", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11484", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14331" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14331", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14331" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420512", "reference_id": "2420512", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420512" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-92", "reference_id": "mfsa2025-92", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-92" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-92/", "reference_id": "mfsa2025-92", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-09T16:59:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-92/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-93", "reference_id": "mfsa2025-93", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-93" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-93/", "reference_id": "mfsa2025-93", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-09T16:59:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-93/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-94", "reference_id": "mfsa2025-94", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-94" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-94/", "reference_id": "mfsa2025-94", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-09T16:59:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-94/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-95", "reference_id": "mfsa2025-95", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-95" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-95/", "reference_id": "mfsa2025-95", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-09T16:59:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-95/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-96", "reference_id": "mfsa2025-96", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-96" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-96/", "reference_id": "mfsa2025-96", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-09T16:59:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-96/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23034", "reference_id": "RHSA-2025:23034", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23034" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23035", "reference_id": "RHSA-2025:23035", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23035" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23128", "reference_id": "RHSA-2025:23128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23856", "reference_id": "RHSA-2025:23856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0003", "reference_id": "RHSA-2026:0003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0004", "reference_id": "RHSA-2026:0004", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0005", "reference_id": "RHSA-2026:0005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0006", "reference_id": "RHSA-2026:0006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0007", "reference_id": "RHSA-2026:0007", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0007" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0013", "reference_id": "RHSA-2026:0013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0014", "reference_id": "RHSA-2026:0014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0015", "reference_id": "RHSA-2026:0015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0016", "reference_id": "RHSA-2026:0016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0017", "reference_id": "RHSA-2026:0017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0018", "reference_id": "RHSA-2026:0018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0019", "reference_id": "RHSA-2026:0019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0020", "reference_id": "RHSA-2026:0020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0021", "reference_id": "RHSA-2026:0021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0022", "reference_id": "RHSA-2026:0022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0023", "reference_id": "RHSA-2026:0023", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0023" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0024", "reference_id": "RHSA-2026:0024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0024" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0025", "reference_id": "RHSA-2026:0025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0026", "reference_id": "RHSA-2026:0026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0124", "reference_id": "RHSA-2026:0124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0127", "reference_id": "RHSA-2026:0127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0127" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2000218", "reference_id": "show_bug.cgi?id=2000218", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-09T16:59:10Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2000218" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-14331" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1hp8-m7d3-rqeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/292?format=api", "vulnerability_id": "VCID-1hzr-cs91-m3be", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4695.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4695.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4695", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06484", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4695" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4695", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4695" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450715", "reference_id": "2450715", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450715" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2020030", "reference_id": "show_bug.cgi?id=2020030", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:53:58Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2020030" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4695" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1hzr-cs91-m3be" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/749?format=api", "vulnerability_id": "VCID-1pzp-mm6e-kbdc", "summary": "Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5268.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5268.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5268", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.63367", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5268" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5268", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5268" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368752", "reference_id": "2368752", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368752" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1950136%2C1958121%2C1960499%2C1962634", "reference_id": "buglist.cgi?bug_id=1950136%2C1958121%2C1960499%2C1962634", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:56Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1950136%2C1958121%2C1960499%2C1962634" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42", "reference_id": "mfsa2025-42", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-42/", "reference_id": "mfsa2025-42", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-42/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-44/", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-44/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45", "reference_id": "mfsa2025-45", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-45/", "reference_id": "mfsa2025-45", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-45/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-46/", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-46/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8293", "reference_id": "RHSA-2025:8293", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8293" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8308", "reference_id": "RHSA-2025:8308", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8308" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8341", "reference_id": "RHSA-2025:8341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8598", "reference_id": "RHSA-2025:8598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8599", "reference_id": "RHSA-2025:8599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8607", "reference_id": "RHSA-2025:8607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8607" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8608", "reference_id": "RHSA-2025:8608", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8608" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8628", "reference_id": "RHSA-2025:8628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8629", "reference_id": "RHSA-2025:8629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8630", "reference_id": "RHSA-2025:8630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8631", "reference_id": "RHSA-2025:8631", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8642", "reference_id": "RHSA-2025:8642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8756", "reference_id": "RHSA-2025:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9071", "reference_id": "RHSA-2025:9071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9071" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9072", "reference_id": "RHSA-2025:9072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9073", "reference_id": "RHSA-2025:9073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9074", "reference_id": "RHSA-2025:9074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9075", "reference_id": "RHSA-2025:9075", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9075" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9076", "reference_id": "RHSA-2025:9076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9077", "reference_id": "RHSA-2025:9077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9155", "reference_id": "RHSA-2025:9155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9155" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-5268" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1pzp-mm6e-kbdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18?format=api", "vulnerability_id": "VCID-1x7x-tfus-rqcj", "summary": "An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://pdf.js` origin. This could allow them to access cross-origin PDF content. This access is limited to \"same site\" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9393.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9393.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9393", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.37753", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9393" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9393", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9393" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315956", "reference_id": "2315956", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315956" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-46", "reference_id": "mfsa2024-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-46/", "reference_id": "mfsa2024-46", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:14:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-47", "reference_id": "mfsa2024-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-47" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-47/", "reference_id": "mfsa2024-47", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:14:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-47/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-48", "reference_id": "mfsa2024-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-48" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-48/", "reference_id": "mfsa2024-48", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:14:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-48/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-49", "reference_id": "mfsa2024-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-49" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-49/", "reference_id": "mfsa2024-49", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:14:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-49/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-50", "reference_id": "mfsa2024-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-50" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-50/", "reference_id": "mfsa2024-50", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:14:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-50/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7505", "reference_id": "RHSA-2024:7505", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7505" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7552", "reference_id": "RHSA-2024:7552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7621", "reference_id": "RHSA-2024:7621", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7621" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7622", "reference_id": "RHSA-2024:7622", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7646", "reference_id": "RHSA-2024:7646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7699", "reference_id": "RHSA-2024:7699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7700", "reference_id": "RHSA-2024:7700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7702", "reference_id": "RHSA-2024:7702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7703", "reference_id": "RHSA-2024:7703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7704", "reference_id": "RHSA-2024:7704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7842", "reference_id": "RHSA-2024:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7853", "reference_id": "RHSA-2024:7853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7854", "reference_id": "RHSA-2024:7854", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7854" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7855", "reference_id": "RHSA-2024:7855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7856", "reference_id": "RHSA-2024:7856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8166", "reference_id": "RHSA-2024:8166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8169", "reference_id": "RHSA-2024:8169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8169" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1918301", "reference_id": "show_bug.cgi?id=1918301", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T15:14:36Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1918301" }, { "reference_url": "https://usn.ubuntu.com/7056-1/", "reference_id": "USN-7056-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7056-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2024-9393" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1x7x-tfus-rqcj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/410?format=api", "vulnerability_id": "VCID-218f-qtyn-zfhq", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0887.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0887.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0887", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04597", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0887" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0887", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0887" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428972", "reference_id": "2428972", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428972" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-01", "reference_id": "mfsa2026-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-01/", "reference_id": "mfsa2026-01", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:32:40Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-03", "reference_id": "mfsa2026-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-03/", "reference_id": "mfsa2026-03", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:32:40Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-03/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-04", "reference_id": "mfsa2026-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-04/", "reference_id": "mfsa2026-04", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:32:40Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-05", "reference_id": "mfsa2026-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-05/", "reference_id": "mfsa2026-05", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:32:40Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0667", "reference_id": "RHSA-2026:0667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0694", "reference_id": "RHSA-2026:0694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0924", "reference_id": "RHSA-2026:0924", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0924" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1320", "reference_id": "RHSA-2026:1320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1413", "reference_id": "RHSA-2026:1413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1413" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1414", "reference_id": "RHSA-2026:1414", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1415", "reference_id": "RHSA-2026:1415", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1415" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1461", "reference_id": "RHSA-2026:1461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1462", "reference_id": "RHSA-2026:1462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1471", "reference_id": "RHSA-2026:1471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1487", "reference_id": "RHSA-2026:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2041", "reference_id": "RHSA-2026:2041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2043", "reference_id": "RHSA-2026:2043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2043" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2044", "reference_id": "RHSA-2026:2044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2047", "reference_id": "RHSA-2026:2047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2069", "reference_id": "RHSA-2026:2069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2070", "reference_id": "RHSA-2026:2070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2073", "reference_id": "RHSA-2026:2073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2074", "reference_id": "RHSA-2026:2074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2220", "reference_id": "RHSA-2026:2220", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2220" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2231", "reference_id": "RHSA-2026:2231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2271", "reference_id": "RHSA-2026:2271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2286", "reference_id": "RHSA-2026:2286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2286" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2006500", "reference_id": "show_bug.cgi?id=2006500", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:32:40Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2006500" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-0887" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-218f-qtyn-zfhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/758?format=api", "vulnerability_id": "VCID-24uq-dsuk-dffc", "summary": "jar: URLs retrieve local file content packaged in a ZIP archive. The null and everything after it was ignored when retrieving the content from the archive, but the fake extension after the null was used to determine the type of content. This could have been used to hide code in a web extension disguised as something else like an image.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1936.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1936.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1936", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39811", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1936" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1936", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1936" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2349797", "reference_id": "2349797", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2349797" }, { "reference_url": "https://security.gentoo.org/glsa/202505-02", "reference_id": "GLSA-202505-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-02" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-14", "reference_id": "mfsa2025-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-14/", "reference_id": "mfsa2025-14", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T17:55:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-16", "reference_id": "mfsa2025-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-16/", "reference_id": "mfsa2025-16", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T17:55:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-17", "reference_id": "mfsa2025-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-17/", "reference_id": "mfsa2025-17", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T17:55:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-17/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-18", "reference_id": "mfsa2025-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-18/", "reference_id": "mfsa2025-18", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T17:55:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-18/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2359", "reference_id": "RHSA-2025:2359", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2359" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2452", "reference_id": "RHSA-2025:2452", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2452" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2479", "reference_id": "RHSA-2025:2479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2480", "reference_id": "RHSA-2025:2480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2481", "reference_id": "RHSA-2025:2481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2484", "reference_id": "RHSA-2025:2484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2485", "reference_id": "RHSA-2025:2485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2486", "reference_id": "RHSA-2025:2486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2699", "reference_id": "RHSA-2025:2699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2708", "reference_id": "RHSA-2025:2708", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2708" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1940027", "reference_id": "show_bug.cgi?id=1940027", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T17:55:09Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1940027" }, { "reference_url": "https://usn.ubuntu.com/7334-1/", "reference_id": "USN-7334-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7334-1/" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-1936" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-24uq-dsuk-dffc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/769?format=api", "vulnerability_id": "VCID-2bdg-a23f-xkeg", "summary": "The username:password part was not correctly stripped from URLs in CSP reports potentially leaking HTTP Basic Authentication credentials.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8031.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8031.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8031", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63678", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8031" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8031", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8031" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2382704", "reference_id": "2382704", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2382704" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-56", "reference_id": "mfsa2025-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-56/", "reference_id": "mfsa2025-56", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T13:56:53Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-56/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-58", "reference_id": "mfsa2025-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-58" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-58/", "reference_id": "mfsa2025-58", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T13:56:53Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-58/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-59", "reference_id": "mfsa2025-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-59/", "reference_id": "mfsa2025-59", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T13:56:53Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-59/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-61", "reference_id": "mfsa2025-61", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-61" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-61/", "reference_id": "mfsa2025-61", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T13:56:53Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-61/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-62", "reference_id": "mfsa2025-62", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-62" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-62/", "reference_id": "mfsa2025-62", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T13:56:53Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-62/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-63", "reference_id": "mfsa2025-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-63/", "reference_id": "mfsa2025-63", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T13:56:53Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-63/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11747", "reference_id": "RHSA-2025:11747", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11747" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11748", "reference_id": "RHSA-2025:11748", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11748" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11797", "reference_id": "RHSA-2025:11797", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11797" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12044", "reference_id": "RHSA-2025:12044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12045", "reference_id": "RHSA-2025:12045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12046", "reference_id": "RHSA-2025:12046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12187", "reference_id": "RHSA-2025:12187", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12187" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12188", "reference_id": "RHSA-2025:12188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12278", "reference_id": "RHSA-2025:12278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12302", "reference_id": "RHSA-2025:12302", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12302" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12353", "reference_id": "RHSA-2025:12353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12360", "reference_id": "RHSA-2025:12360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12361", "reference_id": "RHSA-2025:12361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13645", "reference_id": "RHSA-2025:13645", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13645" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13646", "reference_id": "RHSA-2025:13646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13647", "reference_id": "RHSA-2025:13647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13648", "reference_id": "RHSA-2025:13648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13649", "reference_id": "RHSA-2025:13649", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13649" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13650", "reference_id": "RHSA-2025:13650", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13650" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13651", "reference_id": "RHSA-2025:13651", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13651" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13676", "reference_id": "RHSA-2025:13676", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13676" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1971719", "reference_id": "show_bug.cgi?id=1971719", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T13:56:53Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1971719" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-8031" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2bdg-a23f-xkeg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/357?format=api", "vulnerability_id": "VCID-2kfq-f6kt-1qca", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2787.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2787.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2787", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05883", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2787" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2787" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442297", "reference_id": "2442297", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442297" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:02:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-14/", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:02:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:02:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:02:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:02:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014560", "reference_id": "show_bug.cgi?id=2014560", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:02:37Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014560" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2787" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2kfq-f6kt-1qca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/715?format=api", "vulnerability_id": "VCID-2rfk-hgrd-9ug9", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10536.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10536.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10536", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09272", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10536" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395764", "reference_id": "2395764", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395764" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-73", "reference_id": "mfsa2025-73", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-73" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-73/", "reference_id": "mfsa2025-73", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-22T17:33:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-73/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-75", "reference_id": "mfsa2025-75", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-75" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-75/", "reference_id": "mfsa2025-75", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-22T17:33:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-75/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-77", "reference_id": "mfsa2025-77", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-77" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-77/", "reference_id": "mfsa2025-77", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-22T17:33:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-77/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-78", "reference_id": "mfsa2025-78", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-78" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-78/", "reference_id": "mfsa2025-78", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-22T17:33:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-78/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16108", "reference_id": "RHSA-2025:16108", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16108" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16109", "reference_id": "RHSA-2025:16109", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16109" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16156", "reference_id": "RHSA-2025:16156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16157", "reference_id": "RHSA-2025:16157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16260", "reference_id": "RHSA-2025:16260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16589", "reference_id": "RHSA-2025:16589", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16589" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17340", "reference_id": "RHSA-2025:17340", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17340" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17341", "reference_id": "RHSA-2025:17341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17342", "reference_id": "RHSA-2025:17342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17343", "reference_id": "RHSA-2025:17343", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17343" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17344", "reference_id": "RHSA-2025:17344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17345", "reference_id": "RHSA-2025:17345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17345" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17346", "reference_id": "RHSA-2025:17346", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17367", "reference_id": "RHSA-2025:17367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17368", "reference_id": "RHSA-2025:17368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17371", "reference_id": "RHSA-2025:17371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17372", "reference_id": "RHSA-2025:17372", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17372" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17373", "reference_id": "RHSA-2025:17373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17374", "reference_id": "RHSA-2025:17374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17378", "reference_id": "RHSA-2025:17378", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17453", "reference_id": "RHSA-2025:17453", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17453" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1981502", "reference_id": "show_bug.cgi?id=1981502", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-22T17:33:10Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1981502" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-10536" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2rfk-hgrd-9ug9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/341?format=api", "vulnerability_id": "VCID-2t26-gcvr-q7hb", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2771.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2771.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2771", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.0884", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2771" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442288", "reference_id": "2442288", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442288" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:30:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-14/", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:30:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:30:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:30:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:30:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014593", "reference_id": "show_bug.cgi?id=2014593", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-16T14:30:32Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014593" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2771" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2t26-gcvr-q7hb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/293?format=api", "vulnerability_id": "VCID-2vuj-4f6e-8kdq", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4696.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4696.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4696", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09235", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4696" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4696", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4696" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450740", "reference_id": "2450740", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450740" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2020190", "reference_id": "show_bug.cgi?id=2020190", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:56:36Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2020190" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4696" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2vuj-4f6e-8kdq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/109?format=api", "vulnerability_id": "VCID-34s2-6xpa-gfcw", "summary": "Video frames could have been leaked between origins in some situations.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10463.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10463.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10463", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64877", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10463" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10463", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10463" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322439", "reference_id": "2322439", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322439" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-55/", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-56/", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-57", "reference_id": "mfsa2024-57", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-57" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-57/", "reference_id": "mfsa2024-57", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-57/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-58/", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-59/", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8720", "reference_id": "RHSA-2024:8720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8721", "reference_id": "RHSA-2024:8721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8722", "reference_id": "RHSA-2024:8722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8723", "reference_id": "RHSA-2024:8723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8724", "reference_id": "RHSA-2024:8724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8725", "reference_id": "RHSA-2024:8725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8726", "reference_id": "RHSA-2024:8726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8727", "reference_id": "RHSA-2024:8727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8728", "reference_id": "RHSA-2024:8728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8729", "reference_id": "RHSA-2024:8729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8790", "reference_id": "RHSA-2024:8790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8793", "reference_id": "RHSA-2024:8793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8793" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9015", "reference_id": "RHSA-2024:9015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9016", "reference_id": "RHSA-2024:9016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9017", "reference_id": "RHSA-2024:9017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9018", "reference_id": "RHSA-2024:9018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9019", "reference_id": "RHSA-2024:9019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9552", "reference_id": "RHSA-2024:9552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9554", "reference_id": "RHSA-2024:9554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9554" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1920800", "reference_id": "show_bug.cgi?id=1920800", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1920800" }, { "reference_url": "https://usn.ubuntu.com/7086-1/", "reference_id": "USN-7086-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7086-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2024-10463" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-34s2-6xpa-gfcw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/291?format=api", "vulnerability_id": "VCID-39e6-gku3-uyd1", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4694.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4694.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4694", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06778", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4694" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4694", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4694" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450747", "reference_id": "2450747", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450747" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2018430", "reference_id": "show_bug.cgi?id=2018430", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:52:39Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2018430" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4694" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-39e6-gku3-uyd1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/302?format=api", "vulnerability_id": "VCID-3cv5-x8ek-xfb7", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4706.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4706.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4706", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.0805", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4706" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4706" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450714", "reference_id": "2450714", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450714" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015091", "reference_id": "show_bug.cgi?id=2015091", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:38:16Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015091" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4706" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3cv5-x8ek-xfb7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/778?format=api", "vulnerability_id": "VCID-3fcq-bsy8-gbgd", "summary": "When segmenting specially crafted text, segmentation would corrupt memory leading to a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0241.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0241.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0241", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27418", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0241" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0241", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0241" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336168", "reference_id": "2336168", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336168" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-02/", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-04/", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-05/", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0080", "reference_id": "RHSA-2025:0080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0132", "reference_id": "RHSA-2025:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0133", "reference_id": "RHSA-2025:0133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0134", "reference_id": "RHSA-2025:0134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0135", "reference_id": "RHSA-2025:0135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0136", "reference_id": "RHSA-2025:0136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0137", "reference_id": "RHSA-2025:0137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0138", "reference_id": "RHSA-2025:0138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0144", "reference_id": "RHSA-2025:0144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0147", "reference_id": "RHSA-2025:0147", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0147" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0162", "reference_id": "RHSA-2025:0162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0165", "reference_id": "RHSA-2025:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0166", "reference_id": "RHSA-2025:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0167", "reference_id": "RHSA-2025:0167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0275", "reference_id": "RHSA-2025:0275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0281", "reference_id": "RHSA-2025:0281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0284", "reference_id": "RHSA-2025:0284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0286", "reference_id": "RHSA-2025:0286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0287", "reference_id": "RHSA-2025:0287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0287" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1933023", "reference_id": "show_bug.cgi?id=1933023", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1933023" }, { "reference_url": "https://usn.ubuntu.com/7191-1/", "reference_id": "USN-7191-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7191-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-0241" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3fcq-bsy8-gbgd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78?format=api", "vulnerability_id": "VCID-3g2k-au3t-a7c9", "summary": "Enhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP `frame-src` bypass and DOM-based XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could have exposed users to malicious frames masquerading as legitimate content.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11694.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11694.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11694", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35185", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11694" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11694", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11694" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328941", "reference_id": "2328941", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328941" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-63/", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-63/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-64/", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-64/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-65", "reference_id": "mfsa2024-65", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-65" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-65/", "reference_id": "mfsa2024-65", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-65/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-67/", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-67/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-68/", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-68/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-70", "reference_id": "mfsa2024-70", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-70" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-70/", "reference_id": "mfsa2024-70", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-70/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10591", "reference_id": "RHSA-2024:10591", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10591" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10592", "reference_id": "RHSA-2024:10592", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10592" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10667", "reference_id": "RHSA-2024:10667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10702", "reference_id": "RHSA-2024:10702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10703", "reference_id": "RHSA-2024:10703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10704", "reference_id": "RHSA-2024:10704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10710", "reference_id": "RHSA-2024:10710", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10710" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10733", "reference_id": "RHSA-2024:10733", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10733" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10734", "reference_id": "RHSA-2024:10734", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10734" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10742", "reference_id": "RHSA-2024:10742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10743", "reference_id": "RHSA-2024:10743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10745", "reference_id": "RHSA-2024:10745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10748", "reference_id": "RHSA-2024:10748", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10748" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10752", "reference_id": "RHSA-2024:10752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10844", "reference_id": "RHSA-2024:10844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10848", "reference_id": "RHSA-2024:10848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10849", "reference_id": "RHSA-2024:10849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10880", "reference_id": "RHSA-2024:10880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10881", "reference_id": "RHSA-2024:10881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18479", "reference_id": "RHSA-2026:18479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18479" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1924167", "reference_id": "show_bug.cgi?id=1924167", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1924167" }, { "reference_url": "https://usn.ubuntu.com/7134-1/", "reference_id": "USN-7134-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7134-1/" }, { "reference_url": "https://usn.ubuntu.com/7193-1/", "reference_id": "USN-7193-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7193-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2024-11694" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3g2k-au3t-a7c9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/739?format=api", "vulnerability_id": "VCID-3h2m-ew2t-kfd9", "summary": "Memory safety bugs present in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9185.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9185.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9185", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36188", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9185" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9185" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389584", "reference_id": "2389584", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389584" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1970154%2C1976782%2C1977166", "reference_id": "buglist.cgi?bug_id=1970154%2C1976782%2C1977166", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T03:56:23Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1970154%2C1976782%2C1977166" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-64", "reference_id": "mfsa2025-64", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-64" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-64/", "reference_id": "mfsa2025-64", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T03:56:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-64/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-65", "reference_id": "mfsa2025-65", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-65" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-65/", "reference_id": "mfsa2025-65", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T03:56:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-65/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-66", "reference_id": "mfsa2025-66", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-66" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-66/", "reference_id": "mfsa2025-66", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T03:56:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-66/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-67", "reference_id": "mfsa2025-67", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-67" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-67/", "reference_id": "mfsa2025-67", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T03:56:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-67/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-70", "reference_id": "mfsa2025-70", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-70" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-70/", "reference_id": "mfsa2025-70", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T03:56:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-70/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-71", "reference_id": "mfsa2025-71", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-71" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-71/", "reference_id": "mfsa2025-71", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T03:56:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-71/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-72", "reference_id": "mfsa2025-72", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-72" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-72/", "reference_id": "mfsa2025-72", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T03:56:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-72/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14416", "reference_id": "RHSA-2025:14416", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14416" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14417", "reference_id": "RHSA-2025:14417", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14417" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14442", "reference_id": "RHSA-2025:14442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14640", "reference_id": "RHSA-2025:14640", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14640" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14743", "reference_id": "RHSA-2025:14743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14844", "reference_id": "RHSA-2025:14844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15418", "reference_id": "RHSA-2025:15418", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15418" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15419", "reference_id": "RHSA-2025:15419", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15419" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15420", "reference_id": "RHSA-2025:15420", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15420" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15421", "reference_id": "RHSA-2025:15421", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15421" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15422", "reference_id": "RHSA-2025:15422", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15422" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15423", "reference_id": "RHSA-2025:15423", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15424", "reference_id": "RHSA-2025:15424", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15424" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15430", "reference_id": "RHSA-2025:15430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15434", "reference_id": "RHSA-2025:15434", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15434" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15435", "reference_id": "RHSA-2025:15435", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15435" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15436", "reference_id": "RHSA-2025:15436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15437", "reference_id": "RHSA-2025:15437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15437" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15438", "reference_id": "RHSA-2025:15438", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15438" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15496", "reference_id": "RHSA-2025:15496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15535", "reference_id": "RHSA-2025:15535", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15535" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-9185" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3h2m-ew2t-kfd9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/354?format=api", "vulnerability_id": "VCID-3kpd-xw2s-pqa7", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2784.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2784.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2784", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06847", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2784" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442304", "reference_id": "2442304", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442304" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:13:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:13:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:13:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:13:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2012984", "reference_id": "show_bug.cgi?id=2012984", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:13:23Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2012984" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2784" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3kpd-xw2s-pqa7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/301?format=api", "vulnerability_id": "VCID-3rep-xv2u-n7he", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4705.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4705.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4705", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06967", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4705" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450722", "reference_id": "2450722", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450722" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014873", "reference_id": "show_bug.cgi?id=2014873", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:38:48Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014873" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4705" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3rep-xv2u-n7he" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17?format=api", "vulnerability_id": "VCID-3rfh-czuk-v3d4", "summary": "A compromised content process could have allowed for the arbitrary loading of cross-origin pages.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9392.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9392.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9392", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.3318", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9392" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9392", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9392" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315959", "reference_id": "2315959", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315959" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-46", "reference_id": "mfsa2024-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-46/", "reference_id": "mfsa2024-46", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-47", "reference_id": "mfsa2024-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-47" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-47/", "reference_id": "mfsa2024-47", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-47/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-48", "reference_id": "mfsa2024-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-48" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-48/", "reference_id": "mfsa2024-48", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-48/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-49", "reference_id": "mfsa2024-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-49" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-49/", "reference_id": "mfsa2024-49", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-49/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-50", "reference_id": "mfsa2024-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-50" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-50/", "reference_id": "mfsa2024-50", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-50/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7505", "reference_id": "RHSA-2024:7505", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7505" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7552", "reference_id": "RHSA-2024:7552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7621", "reference_id": "RHSA-2024:7621", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7621" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7622", "reference_id": "RHSA-2024:7622", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7646", "reference_id": "RHSA-2024:7646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7699", "reference_id": "RHSA-2024:7699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7700", "reference_id": "RHSA-2024:7700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7702", "reference_id": "RHSA-2024:7702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7703", "reference_id": "RHSA-2024:7703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7704", "reference_id": "RHSA-2024:7704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7842", "reference_id": "RHSA-2024:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7853", "reference_id": "RHSA-2024:7853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7854", "reference_id": "RHSA-2024:7854", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7854" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7855", "reference_id": "RHSA-2024:7855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7856", "reference_id": "RHSA-2024:7856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8166", "reference_id": "RHSA-2024:8166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8169", "reference_id": "RHSA-2024:8169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8169" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1899154", "reference_id": "show_bug.cgi?id=1899154", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1899154" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1905843", "reference_id": "show_bug.cgi?id=1905843", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:20:31Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1905843" }, { "reference_url": "https://usn.ubuntu.com/7056-1/", "reference_id": "USN-7056-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7056-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2024-9392" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3rfh-czuk-v3d4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/353?format=api", "vulnerability_id": "VCID-3uak-b885-3ub7", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2783.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2783.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2783", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14662", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2783" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2783", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2783" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442300", "reference_id": "2442300", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442300" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T20:09:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T20:09:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T20:09:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T20:09:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2010943", "reference_id": "show_bug.cgi?id=2010943", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T20:09:59Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2010943" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2783" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3uak-b885-3ub7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/282?format=api", "vulnerability_id": "VCID-3ubw-c5jk-tuhy", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4685.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4685.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4685", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.0805", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4685", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4685" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450724", "reference_id": "2450724", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450724" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016349", "reference_id": "show_bug.cgi?id=2016349", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:43:23Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016349" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4685" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ubw-c5jk-tuhy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/390?format=api", "vulnerability_id": "VCID-3wkz-pa84-v3hm", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5732.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5732.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5732", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14616", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5732" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455908", "reference_id": "2455908", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455908" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-25", "reference_id": "mfsa2026-25", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-25" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-25/", "reference_id": "mfsa2026-25", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:28:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-25/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-27", "reference_id": "mfsa2026-27", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-27" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-27/", "reference_id": "mfsa2026-27", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:28:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-27/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-28", "reference_id": "mfsa2026-28", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-28" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-28/", "reference_id": "mfsa2026-28", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:28:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-28/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-29", "reference_id": "mfsa2026-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-29/", "reference_id": "mfsa2026-29", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:28:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-29/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11805", "reference_id": "RHSA-2026:11805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11813", "reference_id": "RHSA-2026:11813", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11813" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12264", "reference_id": "RHSA-2026:12264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13342", "reference_id": "RHSA-2026:13342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13412", "reference_id": "RHSA-2026:13412", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13412" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13533", "reference_id": "RHSA-2026:13533", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13533" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13582", "reference_id": "RHSA-2026:13582", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13582" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13583", "reference_id": "RHSA-2026:13583", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13583" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13596", "reference_id": "RHSA-2026:13596", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13596" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13600", "reference_id": "RHSA-2026:13600", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13600" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13665", "reference_id": "RHSA-2026:13665", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13665" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13682", "reference_id": "RHSA-2026:13682", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13682" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13683", "reference_id": "RHSA-2026:13683", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13683" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13922", "reference_id": "RHSA-2026:13922", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13977", "reference_id": "RHSA-2026:13977", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13977" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14223", "reference_id": "RHSA-2026:14223", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14223" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14303", "reference_id": "RHSA-2026:14303", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14303" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15889", "reference_id": "RHSA-2026:15889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7671", "reference_id": "RHSA-2026:7671", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7671" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7672", "reference_id": "RHSA-2026:7672", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7672" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8052", "reference_id": "RHSA-2026:8052", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8052" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8459", "reference_id": "RHSA-2026:8459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9345", "reference_id": "RHSA-2026:9345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9345" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9638", "reference_id": "RHSA-2026:9638", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9638" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2017867", "reference_id": "show_bug.cgi?id=2017867", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:28:39Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2017867" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-5732" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3wkz-pa84-v3hm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74?format=api", "vulnerability_id": "VCID-4grd-ngdg-aqft", "summary": "An attacker could cause a select dropdown to be shown over another tab; this could have led to user confusion and possible spoofing attacks.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11692.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11692.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11692", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24235", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11692" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11692", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11692" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328946", "reference_id": "2328946", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328946" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-63/", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:45:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-63/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-64/", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:45:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-64/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-67/", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:45:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-67/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-68/", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:45:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-68/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10591", "reference_id": "RHSA-2024:10591", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10591" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10592", "reference_id": "RHSA-2024:10592", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10592" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10667", "reference_id": "RHSA-2024:10667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10702", "reference_id": "RHSA-2024:10702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10703", "reference_id": "RHSA-2024:10703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10704", "reference_id": "RHSA-2024:10704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10710", "reference_id": "RHSA-2024:10710", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10710" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10733", "reference_id": "RHSA-2024:10733", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10733" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10734", "reference_id": "RHSA-2024:10734", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10734" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10742", "reference_id": "RHSA-2024:10742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10743", "reference_id": "RHSA-2024:10743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10745", "reference_id": "RHSA-2024:10745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10748", "reference_id": "RHSA-2024:10748", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10748" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10752", "reference_id": "RHSA-2024:10752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10844", "reference_id": "RHSA-2024:10844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10848", "reference_id": "RHSA-2024:10848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10849", "reference_id": "RHSA-2024:10849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10880", "reference_id": "RHSA-2024:10880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10881", "reference_id": "RHSA-2024:10881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18479", "reference_id": "RHSA-2026:18479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18479" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1909535", "reference_id": "show_bug.cgi?id=1909535", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:45:17Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1909535" }, { "reference_url": "https://usn.ubuntu.com/7134-1/", "reference_id": "USN-7134-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7134-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2024-11692" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4grd-ngdg-aqft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/731?format=api", "vulnerability_id": "VCID-4qts-ntde-3bax", "summary": "An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9179.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9179.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9179", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43615", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9179" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9179", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9179" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389580", "reference_id": "2389580", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389580" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-64", "reference_id": "mfsa2025-64", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-64" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-64/", "reference_id": "mfsa2025-64", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:06:11Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-64/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-65", "reference_id": "mfsa2025-65", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-65" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-65/", "reference_id": "mfsa2025-65", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:06:11Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-65/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-66", "reference_id": "mfsa2025-66", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-66" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-66/", "reference_id": "mfsa2025-66", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:06:11Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-66/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-67", "reference_id": "mfsa2025-67", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-67" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-67/", "reference_id": "mfsa2025-67", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:06:11Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-67/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-70", "reference_id": "mfsa2025-70", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-70" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-70/", "reference_id": "mfsa2025-70", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:06:11Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-70/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-71", "reference_id": "mfsa2025-71", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-71" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-71/", "reference_id": "mfsa2025-71", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:06:11Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-71/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-72", "reference_id": "mfsa2025-72", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-72" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-72/", "reference_id": "mfsa2025-72", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:06:11Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-72/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14416", "reference_id": "RHSA-2025:14416", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14416" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14417", "reference_id": "RHSA-2025:14417", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14417" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14442", "reference_id": "RHSA-2025:14442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14640", "reference_id": "RHSA-2025:14640", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14640" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14743", "reference_id": "RHSA-2025:14743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14844", "reference_id": "RHSA-2025:14844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15418", "reference_id": "RHSA-2025:15418", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15418" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15419", "reference_id": "RHSA-2025:15419", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15419" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15420", "reference_id": "RHSA-2025:15420", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15420" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15421", "reference_id": "RHSA-2025:15421", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15421" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15422", "reference_id": "RHSA-2025:15422", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15422" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15423", "reference_id": "RHSA-2025:15423", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15424", "reference_id": "RHSA-2025:15424", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15424" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15430", "reference_id": "RHSA-2025:15430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15434", "reference_id": "RHSA-2025:15434", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15434" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15435", "reference_id": "RHSA-2025:15435", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15435" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15436", "reference_id": "RHSA-2025:15436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15437", "reference_id": "RHSA-2025:15437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15437" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15438", "reference_id": "RHSA-2025:15438", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15438" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15496", "reference_id": "RHSA-2025:15496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15535", "reference_id": "RHSA-2025:15535", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15535" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1979527", "reference_id": "show_bug.cgi?id=1979527", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:06:11Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1979527" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-9179" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4qts-ntde-3bax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/313?format=api", "vulnerability_id": "VCID-4zaq-uh4v-8yg8", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4717.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4717.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4717", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07727", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4717" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4717", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4717" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450712", "reference_id": "2450712", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450712" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2021695", "reference_id": "show_bug.cgi?id=2021695", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:09Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2021695" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4717" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4zaq-uh4v-8yg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/830?format=api", "vulnerability_id": "VCID-58j2-kuxh-jqfw", "summary": "A vulnerability was identified in Thunderbird where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access and potentially, memory corruption.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4087.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4087.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4087", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0037", "scoring_system": "epss", "scoring_elements": "0.59206", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4087" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4087", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4087" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362904", "reference_id": "2362904", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362904" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-28", "reference_id": "mfsa2025-28", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-28" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-28/", "reference_id": "mfsa2025-28", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T15:51:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-28/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-29", "reference_id": "mfsa2025-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-29/", "reference_id": "mfsa2025-29", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T15:51:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-31", "reference_id": "mfsa2025-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-31" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-31/", "reference_id": "mfsa2025-31", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T15:51:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-31/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-32", "reference_id": "mfsa2025-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-32/", "reference_id": "mfsa2025-32", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T15:51:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-32/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4443", "reference_id": "RHSA-2025:4443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4458", "reference_id": "RHSA-2025:4458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4460", "reference_id": "RHSA-2025:4460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4460" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4751", "reference_id": "RHSA-2025:4751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4751" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4752", "reference_id": "RHSA-2025:4752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4753", "reference_id": "RHSA-2025:4753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4756", "reference_id": "RHSA-2025:4756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4797", "reference_id": "RHSA-2025:4797", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4797" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7428", "reference_id": "RHSA-2025:7428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7506", "reference_id": "RHSA-2025:7506", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7506" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7507", "reference_id": "RHSA-2025:7507", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7507" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7543", "reference_id": "RHSA-2025:7543", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7543" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7544", "reference_id": "RHSA-2025:7544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7545", "reference_id": "RHSA-2025:7545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7547", "reference_id": "RHSA-2025:7547", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7547" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7689", "reference_id": "RHSA-2025:7689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7690", "reference_id": "RHSA-2025:7690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7691", "reference_id": "RHSA-2025:7691", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7691" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7692", "reference_id": "RHSA-2025:7692", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7692" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7693", "reference_id": "RHSA-2025:7693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7694", "reference_id": "RHSA-2025:7694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7695", "reference_id": "RHSA-2025:7695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7695" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1952465", "reference_id": "show_bug.cgi?id=1952465", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T15:51:33Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1952465" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-4087" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-58j2-kuxh-jqfw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/776?format=api", "vulnerability_id": "VCID-5dd5-q773-jkbj", "summary": "When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0239.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0239.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0239", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09187", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0239" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0239", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0239" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336170", "reference_id": "2336170", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336170" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-02/", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-04/", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-05/", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0080", "reference_id": "RHSA-2025:0080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0132", "reference_id": "RHSA-2025:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0133", "reference_id": "RHSA-2025:0133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0134", "reference_id": "RHSA-2025:0134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0135", "reference_id": "RHSA-2025:0135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0136", "reference_id": "RHSA-2025:0136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0137", "reference_id": "RHSA-2025:0137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0138", "reference_id": "RHSA-2025:0138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0144", "reference_id": "RHSA-2025:0144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0147", "reference_id": "RHSA-2025:0147", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0147" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0162", "reference_id": "RHSA-2025:0162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0165", "reference_id": "RHSA-2025:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0166", "reference_id": "RHSA-2025:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0167", "reference_id": "RHSA-2025:0167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0275", "reference_id": "RHSA-2025:0275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0281", "reference_id": "RHSA-2025:0281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0284", "reference_id": "RHSA-2025:0284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0286", "reference_id": "RHSA-2025:0286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0287", "reference_id": "RHSA-2025:0287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0287" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1929156", "reference_id": "show_bug.cgi?id=1929156", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1929156" }, { "reference_url": "https://usn.ubuntu.com/7191-1/", "reference_id": "USN-7191-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7191-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-0239" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5dd5-q773-jkbj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/404?format=api", "vulnerability_id": "VCID-5md9-c8d5-zkd4", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0882.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0882.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0882", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07958", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0882" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0882", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0882" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428966", "reference_id": "2428966", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428966" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-01", "reference_id": "mfsa2026-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-01/", "reference_id": "mfsa2026-01", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:21:25Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-02", "reference_id": "mfsa2026-02", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-02/", "reference_id": "mfsa2026-02", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:21:25Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-03", "reference_id": "mfsa2026-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-03/", "reference_id": "mfsa2026-03", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:21:25Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-03/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-04", "reference_id": "mfsa2026-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-04/", "reference_id": "mfsa2026-04", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:21:25Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-05", "reference_id": "mfsa2026-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-05/", "reference_id": "mfsa2026-05", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:21:25Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0667", "reference_id": "RHSA-2026:0667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0694", "reference_id": "RHSA-2026:0694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0924", "reference_id": "RHSA-2026:0924", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0924" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1320", "reference_id": "RHSA-2026:1320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1413", "reference_id": "RHSA-2026:1413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1413" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1414", "reference_id": "RHSA-2026:1414", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1415", "reference_id": "RHSA-2026:1415", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1415" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1461", "reference_id": "RHSA-2026:1461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1462", "reference_id": "RHSA-2026:1462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1471", "reference_id": "RHSA-2026:1471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1487", "reference_id": "RHSA-2026:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2041", "reference_id": "RHSA-2026:2041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2043", "reference_id": "RHSA-2026:2043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2043" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2044", "reference_id": "RHSA-2026:2044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2047", "reference_id": "RHSA-2026:2047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2069", "reference_id": "RHSA-2026:2069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2070", "reference_id": "RHSA-2026:2070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2073", "reference_id": "RHSA-2026:2073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2074", "reference_id": "RHSA-2026:2074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2220", "reference_id": "RHSA-2026:2220", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2220" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2231", "reference_id": "RHSA-2026:2231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2271", "reference_id": "RHSA-2026:2271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2286", "reference_id": "RHSA-2026:2286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2286" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1924125", "reference_id": "show_bug.cgi?id=1924125", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:21:25Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1924125" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-0882" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5md9-c8d5-zkd4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/775?format=api", "vulnerability_id": "VCID-5pnd-9999-mfdj", "summary": "Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0238.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0238.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0238", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36589", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0238", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0238" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336165", "reference_id": "2336165", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336165" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-02/", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-03", "reference_id": "mfsa2025-03", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-03/", "reference_id": "mfsa2025-03", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-03/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-04/", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-05/", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0080", "reference_id": "RHSA-2025:0080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0132", "reference_id": "RHSA-2025:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0133", "reference_id": "RHSA-2025:0133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0134", "reference_id": "RHSA-2025:0134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0135", "reference_id": "RHSA-2025:0135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0136", "reference_id": "RHSA-2025:0136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0137", "reference_id": "RHSA-2025:0137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0138", "reference_id": "RHSA-2025:0138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0144", "reference_id": "RHSA-2025:0144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0147", "reference_id": "RHSA-2025:0147", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0147" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0162", "reference_id": "RHSA-2025:0162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0165", "reference_id": "RHSA-2025:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0166", "reference_id": "RHSA-2025:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0167", "reference_id": "RHSA-2025:0167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0275", "reference_id": "RHSA-2025:0275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0281", "reference_id": "RHSA-2025:0281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0284", "reference_id": "RHSA-2025:0284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0286", "reference_id": "RHSA-2025:0286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0287", "reference_id": "RHSA-2025:0287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0287" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1915535", "reference_id": "show_bug.cgi?id=1915535", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1915535" }, { "reference_url": "https://usn.ubuntu.com/7191-1/", "reference_id": "USN-7191-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7191-1/" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-0238" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5pnd-9999-mfdj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79?format=api", "vulnerability_id": "VCID-5tzy-vsqt-rqf2", "summary": "A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11695.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11695.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11695", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37638", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11695" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11695", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11695" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328948", "reference_id": "2328948", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328948" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-63/", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:43:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-63/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-64/", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:43:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-64/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-67/", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:43:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-67/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-68/", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:43:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-68/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10591", "reference_id": "RHSA-2024:10591", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10591" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10592", "reference_id": "RHSA-2024:10592", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10592" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10667", "reference_id": "RHSA-2024:10667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10702", "reference_id": "RHSA-2024:10702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10703", "reference_id": "RHSA-2024:10703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10704", "reference_id": "RHSA-2024:10704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10710", "reference_id": "RHSA-2024:10710", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10710" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10733", "reference_id": "RHSA-2024:10733", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10733" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10734", "reference_id": "RHSA-2024:10734", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10734" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10742", "reference_id": "RHSA-2024:10742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10743", "reference_id": "RHSA-2024:10743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10745", "reference_id": "RHSA-2024:10745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10748", "reference_id": "RHSA-2024:10748", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10748" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10752", "reference_id": "RHSA-2024:10752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10844", "reference_id": "RHSA-2024:10844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10848", "reference_id": "RHSA-2024:10848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10849", "reference_id": "RHSA-2024:10849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10880", "reference_id": "RHSA-2024:10880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10881", "reference_id": "RHSA-2024:10881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18479", "reference_id": "RHSA-2026:18479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18479" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1925496", "reference_id": "show_bug.cgi?id=1925496", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:43:59Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1925496" }, { "reference_url": "https://usn.ubuntu.com/7134-1/", "reference_id": "USN-7134-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7134-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2024-11695" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5tzy-vsqt-rqf2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/334?format=api", "vulnerability_id": "VCID-5wbs-etf2-uqb6", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2764.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2764.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2764", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07522", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2764" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442329", "reference_id": "2442329", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442329" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:27:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-14/", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:27:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:27:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:27:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:27:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2012608", "reference_id": "show_bug.cgi?id=2012608", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:27:58Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2012608" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2764" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5wbs-etf2-uqb6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/304?format=api", "vulnerability_id": "VCID-653d-arym-nba7", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4708.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4708.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4708", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06622", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4708" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450735", "reference_id": "2450735", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450735" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015268", "reference_id": "show_bug.cgi?id=2015268", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:28:54Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015268" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4708" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-653d-arym-nba7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/719?format=api", "vulnerability_id": "VCID-658f-y5df-57c4", "summary": "Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1014.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1014.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1014", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43839", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1014" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343764", "reference_id": "2343764", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343764" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-07", "reference_id": "mfsa2025-07", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-07/", "reference_id": "mfsa2025-07", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T20:58:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-07/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-09", "reference_id": "mfsa2025-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-09/", "reference_id": "mfsa2025-09", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T20:58:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-09/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-10", "reference_id": "mfsa2025-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-10/", "reference_id": "mfsa2025-10", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T20:58:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-10/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-11", "reference_id": "mfsa2025-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-11/", "reference_id": "mfsa2025-11", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T20:58:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-11/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1066", "reference_id": "RHSA-2025:1066", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1066" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1132", "reference_id": "RHSA-2025:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1133", "reference_id": "RHSA-2025:1133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1135", "reference_id": "RHSA-2025:1135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1136", "reference_id": "RHSA-2025:1136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1137", "reference_id": "RHSA-2025:1137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1138", "reference_id": "RHSA-2025:1138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1139", "reference_id": "RHSA-2025:1139", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1139" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1140", "reference_id": "RHSA-2025:1140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1184", "reference_id": "RHSA-2025:1184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1283", "reference_id": "RHSA-2025:1283", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1283" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1292", "reference_id": "RHSA-2025:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1317", "reference_id": "RHSA-2025:1317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1318", "reference_id": "RHSA-2025:1318", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1318" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1319", "reference_id": "RHSA-2025:1319", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1319" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1339", "reference_id": "RHSA-2025:1339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1340", "reference_id": "RHSA-2025:1340", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1340" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1341", "reference_id": "RHSA-2025:1341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1348", "reference_id": "RHSA-2025:1348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1348" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1940804", "reference_id": "show_bug.cgi?id=1940804", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T20:58:58Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1940804" }, { "reference_url": "https://usn.ubuntu.com/7263-1/", "reference_id": "USN-7263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7263-1/" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-1014" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-658f-y5df-57c4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/281?format=api", "vulnerability_id": "VCID-67fn-bpkk-13dc", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4684.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4684.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4684", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03694", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4684" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4684", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4684" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450721", "reference_id": "2450721", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450721" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2011129", "reference_id": "show_bug.cgi?id=2011129", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:13:39Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2011129" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4684" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-67fn-bpkk-13dc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/333?format=api", "vulnerability_id": "VCID-6a5c-nga1-g3c2", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2763.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2763.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2763", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.07287", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2763" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2763" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442316", "reference_id": "2442316", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442316" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:25:44Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-14/", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:25:44Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:25:44Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:25:44Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:25:44Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2012018", "reference_id": "show_bug.cgi?id=2012018", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:25:44Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2012018" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2763" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6a5c-nga1-g3c2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/284?format=api", "vulnerability_id": "VCID-6gcb-161r-9yg8", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4687.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4687.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4687", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09077", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4687" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4687" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450757", "reference_id": "2450757", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450757" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016368", "reference_id": "show_bug.cgi?id=2016368", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:57Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016368" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4687" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6gcb-161r-9yg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/330?format=api", "vulnerability_id": "VCID-6hge-dvzw-37eq", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2760.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2760.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2760", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23962", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2760" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442325", "reference_id": "2442325", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442325" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:49:35Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-14/", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:49:35Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:49:35Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:49:35Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:49:35Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2011062", "reference_id": "show_bug.cgi?id=2011062", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:49:35Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2011062" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2760" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6hge-dvzw-37eq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/356?format=api", "vulnerability_id": "VCID-6n96-vek4-x3bu", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2786.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2786.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2786", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05757", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2786" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442320", "reference_id": "2442320", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442320" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:03:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:03:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:03:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:03:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013612", "reference_id": "show_bug.cgi?id=2013612", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:03:48Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013612" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2786" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6n96-vek4-x3bu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/445?format=api", "vulnerability_id": "VCID-6ww1-ebeg-gyfh", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6762.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6762.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6762", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.15301", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6762" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460076", "reference_id": "2460076", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460076" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:32:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-31", "reference_id": "mfsa2026-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-31" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-31/", "reference_id": "mfsa2026-31", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:32:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-31/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-32/", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:32:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-32/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:32:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-34/", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:32:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-34/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10757", "reference_id": "RHSA-2026:10757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10766", "reference_id": "RHSA-2026:10766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10767", "reference_id": "RHSA-2026:10767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12285", "reference_id": "RHSA-2026:12285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13537", "reference_id": "RHSA-2026:13537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15892", "reference_id": "RHSA-2026:15892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17477", "reference_id": "RHSA-2026:17477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17687", "reference_id": "RHSA-2026:17687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17688", "reference_id": "RHSA-2026:17688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17689", "reference_id": "RHSA-2026:17689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17690", "reference_id": "RHSA-2026:17690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19041", "reference_id": "RHSA-2026:19041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19131", "reference_id": "RHSA-2026:19131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19201", "reference_id": "RHSA-2026:19201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19461", "reference_id": "RHSA-2026:19461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19462", "reference_id": "RHSA-2026:19462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19463", "reference_id": "RHSA-2026:19463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19464", "reference_id": "RHSA-2026:19464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19465", "reference_id": "RHSA-2026:19465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19466", "reference_id": "RHSA-2026:19466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19467", "reference_id": "RHSA-2026:19467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19468", "reference_id": "RHSA-2026:19468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19469", "reference_id": "RHSA-2026:19469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19542", "reference_id": "RHSA-2026:19542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19655", "reference_id": "RHSA-2026:19655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19704", "reference_id": "RHSA-2026:19704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19704" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2021080", "reference_id": "show_bug.cgi?id=2021080", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:32:59Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2021080" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-6762" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6ww1-ebeg-gyfh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/718?format=api", "vulnerability_id": "VCID-7321-q5ca-e3g7", "summary": "A race condition could have led to private browsing tabs being opened in normal browsing windows. This could have resulted in a potential privacy leak.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1013.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1013.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1013", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.4845", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1013" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343754", "reference_id": "2343754", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343754" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-07", "reference_id": "mfsa2025-07", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-07/", "reference_id": "mfsa2025-07", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:11:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-07/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-09", "reference_id": "mfsa2025-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-09/", "reference_id": "mfsa2025-09", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:11:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-09/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-10", "reference_id": "mfsa2025-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-10/", "reference_id": "mfsa2025-10", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:11:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-10/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-11", "reference_id": "mfsa2025-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-11/", "reference_id": "mfsa2025-11", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:11:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-11/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1066", "reference_id": "RHSA-2025:1066", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1066" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1132", "reference_id": "RHSA-2025:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1133", "reference_id": "RHSA-2025:1133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1135", "reference_id": "RHSA-2025:1135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1136", "reference_id": "RHSA-2025:1136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1137", "reference_id": "RHSA-2025:1137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1138", "reference_id": "RHSA-2025:1138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1139", "reference_id": "RHSA-2025:1139", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1139" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1140", "reference_id": "RHSA-2025:1140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1184", "reference_id": "RHSA-2025:1184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1283", "reference_id": "RHSA-2025:1283", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1283" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1292", "reference_id": "RHSA-2025:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1317", "reference_id": "RHSA-2025:1317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1318", "reference_id": "RHSA-2025:1318", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1318" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1319", "reference_id": "RHSA-2025:1319", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1319" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1339", "reference_id": "RHSA-2025:1339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1340", "reference_id": "RHSA-2025:1340", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1340" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1341", "reference_id": "RHSA-2025:1341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1348", "reference_id": "RHSA-2025:1348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1348" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1932555", "reference_id": "show_bug.cgi?id=1932555", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:11:49Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1932555" }, { "reference_url": "https://usn.ubuntu.com/7263-1/", "reference_id": "USN-7263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7263-1/" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-1013" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7321-q5ca-e3g7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/706?format=api", "vulnerability_id": "VCID-75bf-evmg-fffe", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10527.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10527.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10527", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24316", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10527" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10527", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10527" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395745", "reference_id": "2395745", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395745" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-73", "reference_id": "mfsa2025-73", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-73" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-73/", "reference_id": "mfsa2025-73", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-16T13:30:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-73/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-75", "reference_id": "mfsa2025-75", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-75" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-75/", "reference_id": "mfsa2025-75", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-16T13:30:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-75/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-77", "reference_id": "mfsa2025-77", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-77" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-77/", "reference_id": "mfsa2025-77", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-16T13:30:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-77/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-78", "reference_id": "mfsa2025-78", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-78" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-78/", "reference_id": "mfsa2025-78", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-16T13:30:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-78/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16108", "reference_id": "RHSA-2025:16108", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16108" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16109", "reference_id": "RHSA-2025:16109", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16109" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16156", "reference_id": "RHSA-2025:16156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16157", "reference_id": "RHSA-2025:16157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16260", "reference_id": "RHSA-2025:16260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16589", "reference_id": "RHSA-2025:16589", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16589" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17340", "reference_id": "RHSA-2025:17340", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17340" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17341", "reference_id": "RHSA-2025:17341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17342", "reference_id": "RHSA-2025:17342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17343", "reference_id": "RHSA-2025:17343", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17343" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17344", "reference_id": "RHSA-2025:17344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17345", "reference_id": "RHSA-2025:17345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17345" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17346", "reference_id": "RHSA-2025:17346", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17367", "reference_id": "RHSA-2025:17367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17368", "reference_id": "RHSA-2025:17368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17371", "reference_id": "RHSA-2025:17371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17372", "reference_id": "RHSA-2025:17372", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17372" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17373", "reference_id": "RHSA-2025:17373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17374", "reference_id": "RHSA-2025:17374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17378", "reference_id": "RHSA-2025:17378", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17453", "reference_id": "RHSA-2025:17453", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17453" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1984825", "reference_id": "show_bug.cgi?id=1984825", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-16T13:30:33Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1984825" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-10527" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-75bf-evmg-fffe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/821?format=api", "vulnerability_id": "VCID-7da3-waxh-nfa5", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13017.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13017.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13017", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10582", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13017" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414092", "reference_id": "2414092", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414092" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-87/", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:14:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-87/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-88/", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:14:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-88/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-90/", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:14:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-90/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-91/", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:14:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-91/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21120", "reference_id": "RHSA-2025:21120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21121", "reference_id": "RHSA-2025:21121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21280", "reference_id": "RHSA-2025:21280", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21280" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21281", "reference_id": "RHSA-2025:21281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21841", "reference_id": "RHSA-2025:21841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21842", "reference_id": "RHSA-2025:21842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21843", "reference_id": "RHSA-2025:21843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21844", "reference_id": "RHSA-2025:21844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21881", "reference_id": "RHSA-2025:21881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22363", "reference_id": "RHSA-2025:22363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22367", "reference_id": "RHSA-2025:22367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22368", "reference_id": "RHSA-2025:22368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22369", "reference_id": "RHSA-2025:22369", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22371", "reference_id": "RHSA-2025:22371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22372", "reference_id": "RHSA-2025:22372", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22372" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22373", "reference_id": "RHSA-2025:22373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22374", "reference_id": "RHSA-2025:22374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22375", "reference_id": "RHSA-2025:22375", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22375" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22449", "reference_id": "RHSA-2025:22449", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22450", "reference_id": "RHSA-2025:22450", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22451", "reference_id": "RHSA-2025:22451", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22451" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22791", "reference_id": "RHSA-2025:22791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22792", "reference_id": "RHSA-2025:22792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22882", "reference_id": "RHSA-2025:22882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22883", "reference_id": "RHSA-2025:22883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22883" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1980904", "reference_id": "show_bug.cgi?id=1980904", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:14:51Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1980904" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-13017" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7da3-waxh-nfa5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107?format=api", "vulnerability_id": "VCID-7hxe-s6yn-s7aa", "summary": "In multipart/x-mixed-replace responses, Content-Disposition: attachment in the response header was not respected and did not force a download, which could allow XSS attacks.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10461.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10461.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10461", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00944", "scoring_system": "epss", "scoring_elements": "0.7669", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10461" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10461", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10461" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322425", "reference_id": "2322425", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322425" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-55/", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-56/", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-58/", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-59/", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8720", "reference_id": "RHSA-2024:8720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8721", "reference_id": "RHSA-2024:8721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8722", "reference_id": "RHSA-2024:8722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8723", "reference_id": "RHSA-2024:8723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8724", "reference_id": "RHSA-2024:8724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8725", "reference_id": "RHSA-2024:8725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8726", "reference_id": "RHSA-2024:8726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8727", "reference_id": "RHSA-2024:8727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8728", "reference_id": "RHSA-2024:8728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8729", "reference_id": "RHSA-2024:8729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8790", "reference_id": "RHSA-2024:8790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8793", "reference_id": "RHSA-2024:8793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8793" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9015", "reference_id": "RHSA-2024:9015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9016", "reference_id": "RHSA-2024:9016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9017", "reference_id": "RHSA-2024:9017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9018", "reference_id": "RHSA-2024:9018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9019", "reference_id": "RHSA-2024:9019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9552", "reference_id": "RHSA-2024:9552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9554", "reference_id": "RHSA-2024:9554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9554" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1914521", "reference_id": "show_bug.cgi?id=1914521", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1914521" }, { "reference_url": "https://usn.ubuntu.com/7086-1/", "reference_id": "USN-7086-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7086-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2024-10461" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7hxe-s6yn-s7aa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/452?format=api", "vulnerability_id": "VCID-7kqr-c8gh-8yg3", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6770.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6770.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6770", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.2044", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6770" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6770", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6770" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460079", "reference_id": "2460079", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460079" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:05:25Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-32/", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:05:25Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-32/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:05:25Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-34/", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:05:25Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-34/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10757", "reference_id": "RHSA-2026:10757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10766", "reference_id": "RHSA-2026:10766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10767", "reference_id": "RHSA-2026:10767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12285", "reference_id": "RHSA-2026:12285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13537", "reference_id": "RHSA-2026:13537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15892", "reference_id": "RHSA-2026:15892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17477", "reference_id": "RHSA-2026:17477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17687", "reference_id": "RHSA-2026:17687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17688", "reference_id": "RHSA-2026:17688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17689", "reference_id": "RHSA-2026:17689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17690", "reference_id": "RHSA-2026:17690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19041", "reference_id": "RHSA-2026:19041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19131", "reference_id": "RHSA-2026:19131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19201", "reference_id": "RHSA-2026:19201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19461", "reference_id": "RHSA-2026:19461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19462", "reference_id": "RHSA-2026:19462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19463", "reference_id": "RHSA-2026:19463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19464", "reference_id": "RHSA-2026:19464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19465", "reference_id": "RHSA-2026:19465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19466", "reference_id": "RHSA-2026:19466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19467", "reference_id": "RHSA-2026:19467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19468", "reference_id": "RHSA-2026:19468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19469", "reference_id": "RHSA-2026:19469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19542", "reference_id": "RHSA-2026:19542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19655", "reference_id": "RHSA-2026:19655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19704", "reference_id": "RHSA-2026:19704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19704" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2024220", "reference_id": "show_bug.cgi?id=2024220", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:05:25Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2024220" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-6770" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7kqr-c8gh-8yg3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/311?format=api", "vulnerability_id": "VCID-7pzj-qkvs-f3d8", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4715.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4715.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4715", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07727", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4715" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4715", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4715" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450723", "reference_id": "2450723", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450723" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2018405", "reference_id": "show_bug.cgi?id=2018405", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:34:24Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2018405" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4715" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7pzj-qkvs-f3d8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/711?format=api", "vulnerability_id": "VCID-7q2q-cfjc-pbeq", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10532.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10532.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10532", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27318", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10532" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10532", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10532" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395754", "reference_id": "2395754", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395754" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-73", "reference_id": "mfsa2025-73", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-73" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-73/", "reference_id": "mfsa2025-73", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T17:10:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-73/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-75", "reference_id": "mfsa2025-75", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-75" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-75/", "reference_id": "mfsa2025-75", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T17:10:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-75/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-77", "reference_id": "mfsa2025-77", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-77" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-77/", "reference_id": "mfsa2025-77", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T17:10:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-77/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-78", "reference_id": "mfsa2025-78", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-78" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-78/", "reference_id": "mfsa2025-78", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T17:10:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-78/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16108", "reference_id": "RHSA-2025:16108", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16108" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16109", "reference_id": "RHSA-2025:16109", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16109" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16156", "reference_id": "RHSA-2025:16156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16157", "reference_id": "RHSA-2025:16157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16260", "reference_id": "RHSA-2025:16260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16589", "reference_id": "RHSA-2025:16589", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16589" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17340", "reference_id": "RHSA-2025:17340", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17340" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17341", "reference_id": "RHSA-2025:17341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17342", "reference_id": "RHSA-2025:17342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17343", "reference_id": "RHSA-2025:17343", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17343" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17344", "reference_id": "RHSA-2025:17344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17345", "reference_id": "RHSA-2025:17345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17345" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17346", "reference_id": "RHSA-2025:17346", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17367", "reference_id": "RHSA-2025:17367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17368", "reference_id": "RHSA-2025:17368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17371", "reference_id": "RHSA-2025:17371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17372", "reference_id": "RHSA-2025:17372", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17372" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17373", "reference_id": "RHSA-2025:17373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17374", "reference_id": "RHSA-2025:17374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17378", "reference_id": "RHSA-2025:17378", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17453", "reference_id": "RHSA-2025:17453", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17453" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1979502", "reference_id": "show_bug.cgi?id=1979502", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T17:10:59Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1979502" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-10532" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7q2q-cfjc-pbeq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/439?format=api", "vulnerability_id": "VCID-7qz3-6puh-2kgx", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6752.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6752.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6752", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21718", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6752" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460078", "reference_id": "2460078", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460078" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:01:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-31", "reference_id": "mfsa2026-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-31" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-31/", "reference_id": "mfsa2026-31", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:01:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-31/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-32/", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:01:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-32/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:01:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-34/", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:01:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-34/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10757", "reference_id": "RHSA-2026:10757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10766", "reference_id": "RHSA-2026:10766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10767", "reference_id": "RHSA-2026:10767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12285", "reference_id": "RHSA-2026:12285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13537", "reference_id": "RHSA-2026:13537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15892", "reference_id": "RHSA-2026:15892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17477", "reference_id": "RHSA-2026:17477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17687", "reference_id": "RHSA-2026:17687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17688", "reference_id": "RHSA-2026:17688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17689", "reference_id": "RHSA-2026:17689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17690", "reference_id": "RHSA-2026:17690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19041", "reference_id": "RHSA-2026:19041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19131", "reference_id": "RHSA-2026:19131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19201", "reference_id": "RHSA-2026:19201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19461", "reference_id": "RHSA-2026:19461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19462", "reference_id": "RHSA-2026:19462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19463", "reference_id": "RHSA-2026:19463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19464", "reference_id": "RHSA-2026:19464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19465", "reference_id": "RHSA-2026:19465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19466", "reference_id": "RHSA-2026:19466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19467", "reference_id": "RHSA-2026:19467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19468", "reference_id": "RHSA-2026:19468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19469", "reference_id": "RHSA-2026:19469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19542", "reference_id": "RHSA-2026:19542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19655", "reference_id": "RHSA-2026:19655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19704", "reference_id": "RHSA-2026:19704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19704" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2027499", "reference_id": "show_bug.cgi?id=2027499", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:01:52Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2027499" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-6752" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7qz3-6puh-2kgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/442?format=api", "vulnerability_id": "VCID-7sdq-xgb4-myfv", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6757.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6757.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6757", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.14034", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6757" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460085", "reference_id": "2460085", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460085" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:30:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-32/", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:30:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-32/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:30:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-34/", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:30:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-34/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10757", "reference_id": "RHSA-2026:10757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10766", "reference_id": "RHSA-2026:10766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10767", "reference_id": "RHSA-2026:10767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12285", "reference_id": "RHSA-2026:12285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13537", "reference_id": "RHSA-2026:13537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15892", "reference_id": "RHSA-2026:15892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17477", "reference_id": "RHSA-2026:17477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17687", "reference_id": "RHSA-2026:17687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17688", "reference_id": "RHSA-2026:17688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17689", "reference_id": "RHSA-2026:17689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17690", "reference_id": "RHSA-2026:17690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19041", "reference_id": "RHSA-2026:19041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19131", "reference_id": "RHSA-2026:19131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19201", "reference_id": "RHSA-2026:19201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19461", "reference_id": "RHSA-2026:19461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19462", "reference_id": "RHSA-2026:19462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19463", "reference_id": "RHSA-2026:19463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19464", "reference_id": "RHSA-2026:19464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19465", "reference_id": "RHSA-2026:19465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19466", "reference_id": "RHSA-2026:19466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19467", "reference_id": "RHSA-2026:19467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19468", "reference_id": "RHSA-2026:19468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19469", "reference_id": "RHSA-2026:19469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19542", "reference_id": "RHSA-2026:19542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19655", "reference_id": "RHSA-2026:19655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19704", "reference_id": "RHSA-2026:19704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19704" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013588", "reference_id": "show_bug.cgi?id=2013588", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:30:51Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013588" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-6757" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7sdq-xgb4-myfv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/309?format=api", "vulnerability_id": "VCID-7uqr-yb2y-rubr", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4713.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4713.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4713", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06622", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4713" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450730", "reference_id": "2450730", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450730" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2018113", "reference_id": "show_bug.cgi?id=2018113", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:13:05Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2018113" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4713" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7uqr-yb2y-rubr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/846?format=api", "vulnerability_id": "VCID-7vyt-mpzf-wyez", "summary": "A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11709.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11709.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11709", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.2832", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11709" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11709", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11709" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403765", "reference_id": "2403765", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403765" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-81/", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-81/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-82", "reference_id": "mfsa2025-82", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-82" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-82/", "reference_id": "mfsa2025-82", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-82/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-83/", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-83/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-84/", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-84/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-85/", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-85/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18154", "reference_id": "RHSA-2025:18154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18155", "reference_id": "RHSA-2025:18155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18285", "reference_id": "RHSA-2025:18285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18320", "reference_id": "RHSA-2025:18320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18321", "reference_id": "RHSA-2025:18321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18983", "reference_id": "RHSA-2025:18983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19278", "reference_id": "RHSA-2025:19278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19938", "reference_id": "RHSA-2025:19938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19939", "reference_id": "RHSA-2025:19939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19941", "reference_id": "RHSA-2025:19941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19942", "reference_id": "RHSA-2025:19942", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19942" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19943", "reference_id": "RHSA-2025:19943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19944", "reference_id": "RHSA-2025:19944", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19944" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19945", "reference_id": "RHSA-2025:19945", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19945" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21054", "reference_id": "RHSA-2025:21054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21055", "reference_id": "RHSA-2025:21055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21056", "reference_id": "RHSA-2025:21056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21056" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21057", "reference_id": "RHSA-2025:21057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21058", "reference_id": "RHSA-2025:21058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21059", "reference_id": "RHSA-2025:21059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21064", "reference_id": "RHSA-2025:21064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21064" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1989127", "reference_id": "show_bug.cgi?id=1989127", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:47Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1989127" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-11709" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7vyt-mpzf-wyez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/704?format=api", "vulnerability_id": "VCID-7w68-8btw-6yhm", "summary": "Thunderbird could have incorrectly parsed a URL and rewritten it to the youtube.com domain when parsing the URL specified in an embed tag. This could have bypassed website security checks that restricted which domains users were allowed to embed.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6429.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6429.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6429", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00431", "scoring_system": "epss", "scoring_elements": "0.62985", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6429" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6429", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6429" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374561", "reference_id": "2374561", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374561" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-51", "reference_id": "mfsa2025-51", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-51" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-51/", "reference_id": "mfsa2025-51", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-51/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-53", "reference_id": "mfsa2025-53", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-53" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-53/", "reference_id": "mfsa2025-53", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-53/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-54", "reference_id": "mfsa2025-54", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-54" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-54/", "reference_id": "mfsa2025-54", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-54/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-55", "reference_id": "mfsa2025-55", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-55" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-55/", "reference_id": "mfsa2025-55", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-55/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10072", "reference_id": "RHSA-2025:10072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10073", "reference_id": "RHSA-2025:10073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10074", "reference_id": "RHSA-2025:10074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10159", "reference_id": "RHSA-2025:10159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10160", "reference_id": "RHSA-2025:10160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10161", "reference_id": "RHSA-2025:10161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10163", "reference_id": "RHSA-2025:10163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10164", "reference_id": "RHSA-2025:10164", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10165", "reference_id": "RHSA-2025:10165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10166", "reference_id": "RHSA-2025:10166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10181", "reference_id": "RHSA-2025:10181", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10181" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10182", "reference_id": "RHSA-2025:10182", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10182" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10183", "reference_id": "RHSA-2025:10183", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10183" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10184", "reference_id": "RHSA-2025:10184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10185", "reference_id": "RHSA-2025:10185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10186", "reference_id": "RHSA-2025:10186", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10186" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10187", "reference_id": "RHSA-2025:10187", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10187" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10188", "reference_id": "RHSA-2025:10188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10195", "reference_id": "RHSA-2025:10195", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10195" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10196", "reference_id": "RHSA-2025:10196", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10196" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10246", "reference_id": "RHSA-2025:10246", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10246" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1970658", "reference_id": "show_bug.cgi?id=1970658", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:21Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1970658" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-6429" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7w68-8btw-6yhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/395?format=api", "vulnerability_id": "VCID-842n-w9k1-xbg6", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7321.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7321.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-7321", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15808", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-7321" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7321", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7321" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463485", "reference_id": "2463485", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463485" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-28T14:48:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-28T14:48:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-36", "reference_id": "mfsa2026-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-36" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-36/", "reference_id": "mfsa2026-36", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-28T14:48:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-36/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-39", "reference_id": "mfsa2026-39", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-39" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-39/", "reference_id": "mfsa2026-39", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-28T14:48:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-39/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19153", "reference_id": "RHSA-2026:19153", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19153" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19157", "reference_id": "RHSA-2026:19157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19370", "reference_id": "RHSA-2026:19370", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19370" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19588", "reference_id": "RHSA-2026:19588", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19588" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:20586", "reference_id": "RHSA-2026:20586", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:20586" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21743", "reference_id": "RHSA-2026:21743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22324", "reference_id": "RHSA-2026:22324", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22324" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22408", "reference_id": "RHSA-2026:22408", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22409", "reference_id": "RHSA-2026:22409", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22409" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22410", "reference_id": "RHSA-2026:22410", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22410" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22708", "reference_id": "RHSA-2026:22708", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22708" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22712", "reference_id": "RHSA-2026:22712", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22712" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22847", "reference_id": "RHSA-2026:22847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22847" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2029461", "reference_id": "show_bug.cgi?id=2029461", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-28T14:48:32Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2029461" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-7321" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-842n-w9k1-xbg6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/826?format=api", "vulnerability_id": "VCID-8er3-ykeh-2yag", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13014.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13014.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13014", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20925", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13014" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414080", "reference_id": "2414080", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414080" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-87/", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:33:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-87/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-88/", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:33:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-88/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-89", "reference_id": "mfsa2025-89", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-89" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-89/", "reference_id": "mfsa2025-89", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:33:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-89/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-90/", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:33:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-90/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-91/", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:33:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-91/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21120", "reference_id": "RHSA-2025:21120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21121", "reference_id": "RHSA-2025:21121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21280", "reference_id": "RHSA-2025:21280", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21280" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21281", "reference_id": "RHSA-2025:21281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21841", "reference_id": "RHSA-2025:21841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21842", "reference_id": "RHSA-2025:21842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21843", "reference_id": "RHSA-2025:21843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21844", "reference_id": "RHSA-2025:21844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21881", "reference_id": "RHSA-2025:21881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22363", "reference_id": "RHSA-2025:22363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22367", "reference_id": "RHSA-2025:22367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22368", "reference_id": "RHSA-2025:22368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22369", "reference_id": "RHSA-2025:22369", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22371", "reference_id": "RHSA-2025:22371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22372", "reference_id": "RHSA-2025:22372", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22372" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22373", "reference_id": "RHSA-2025:22373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22374", "reference_id": "RHSA-2025:22374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22375", "reference_id": "RHSA-2025:22375", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22375" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22449", "reference_id": "RHSA-2025:22449", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22450", "reference_id": "RHSA-2025:22450", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22451", "reference_id": "RHSA-2025:22451", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22451" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22791", "reference_id": "RHSA-2025:22791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22792", "reference_id": "RHSA-2025:22792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22882", "reference_id": "RHSA-2025:22882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22883", "reference_id": "RHSA-2025:22883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22883" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1994241", "reference_id": "show_bug.cgi?id=1994241", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:33:45Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1994241" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-13014" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8er3-ykeh-2yag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/768?format=api", "vulnerability_id": "VCID-8pgy-avxp-sbgk", "summary": "Insufficient escaping in the “Copy as cURL” feature could potentially be used to trick a user into executing unexpected code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8030.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8030.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8030", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00277", "scoring_system": "epss", "scoring_elements": "0.51339", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8030" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8030", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8030" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2382710", "reference_id": "2382710", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2382710" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-56", "reference_id": "mfsa2025-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-56/", "reference_id": "mfsa2025-56", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-56/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-58", "reference_id": "mfsa2025-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-58" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-58/", "reference_id": "mfsa2025-58", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-58/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-59", "reference_id": "mfsa2025-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-59/", "reference_id": "mfsa2025-59", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-59/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-61", "reference_id": "mfsa2025-61", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-61" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-61/", "reference_id": "mfsa2025-61", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-61/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-62", "reference_id": "mfsa2025-62", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-62" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-62/", "reference_id": "mfsa2025-62", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-62/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-63", "reference_id": "mfsa2025-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-63/", "reference_id": "mfsa2025-63", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-63/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11747", "reference_id": "RHSA-2025:11747", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11747" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11748", "reference_id": "RHSA-2025:11748", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11748" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11797", "reference_id": "RHSA-2025:11797", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11797" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12044", "reference_id": "RHSA-2025:12044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12045", "reference_id": "RHSA-2025:12045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12046", "reference_id": "RHSA-2025:12046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12187", "reference_id": "RHSA-2025:12187", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12187" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12188", "reference_id": "RHSA-2025:12188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12278", "reference_id": "RHSA-2025:12278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12302", "reference_id": "RHSA-2025:12302", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12302" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12353", "reference_id": "RHSA-2025:12353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12360", "reference_id": "RHSA-2025:12360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12361", "reference_id": "RHSA-2025:12361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13645", "reference_id": "RHSA-2025:13645", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13645" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13646", "reference_id": "RHSA-2025:13646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13647", "reference_id": "RHSA-2025:13647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13648", "reference_id": "RHSA-2025:13648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13649", "reference_id": "RHSA-2025:13649", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13649" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13650", "reference_id": "RHSA-2025:13650", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13650" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13651", "reference_id": "RHSA-2025:13651", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13651" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13676", "reference_id": "RHSA-2025:13676", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13676" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1968414", "reference_id": "show_bug.cgi?id=1968414", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:29Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1968414" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-8030" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8pgy-avxp-sbgk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/298?format=api", "vulnerability_id": "VCID-91d9-jmrd-audv", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4701.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4701.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4701", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07727", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4701" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4701", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4701" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450710", "reference_id": "2450710", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450710" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2009303", "reference_id": "show_bug.cgi?id=2009303", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:04:34Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2009303" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4701" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-91d9-jmrd-audv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/296?format=api", "vulnerability_id": "VCID-9b2b-19kn-h3ga", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4699.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4699.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4699", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.0805", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4699" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4699", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4699" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450739", "reference_id": "2450739", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450739" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2021863", "reference_id": "show_bug.cgi?id=2021863", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:00:42Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2021863" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4699" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9b2b-19kn-h3ga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/766?format=api", "vulnerability_id": "VCID-9nya-5uwj-bbae", "summary": "On arm64, a WASM br_table instruction with a lot of entries could lead to the label being too far from the instruction causing truncation and incorrect computation of the branch address.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8028.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8028.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8028", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00781", "scoring_system": "epss", "scoring_elements": "0.74093", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8028" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8028", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8028" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2382701", "reference_id": "2382701", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2382701" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-56", "reference_id": "mfsa2025-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-56/", "reference_id": "mfsa2025-56", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:32:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-56/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-57", "reference_id": "mfsa2025-57", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-57" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-57/", "reference_id": "mfsa2025-57", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:32:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-57/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-58", "reference_id": "mfsa2025-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-58" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-58/", "reference_id": "mfsa2025-58", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:32:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-58/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-59", "reference_id": "mfsa2025-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-59/", "reference_id": "mfsa2025-59", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:32:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-59/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-61", "reference_id": "mfsa2025-61", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-61" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-61/", "reference_id": "mfsa2025-61", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:32:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-61/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-62", "reference_id": "mfsa2025-62", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-62" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-62/", "reference_id": "mfsa2025-62", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:32:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-62/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-63", "reference_id": "mfsa2025-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-63/", "reference_id": "mfsa2025-63", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:32:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-63/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11747", "reference_id": "RHSA-2025:11747", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11747" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11748", "reference_id": "RHSA-2025:11748", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11748" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11797", "reference_id": "RHSA-2025:11797", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11797" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12044", "reference_id": "RHSA-2025:12044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12045", "reference_id": "RHSA-2025:12045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12046", "reference_id": "RHSA-2025:12046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12187", "reference_id": "RHSA-2025:12187", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12187" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12188", "reference_id": "RHSA-2025:12188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12278", "reference_id": "RHSA-2025:12278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12302", "reference_id": "RHSA-2025:12302", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12302" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12353", "reference_id": "RHSA-2025:12353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12360", "reference_id": "RHSA-2025:12360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12361", "reference_id": "RHSA-2025:12361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13645", "reference_id": "RHSA-2025:13645", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13645" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13646", "reference_id": "RHSA-2025:13646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13647", "reference_id": "RHSA-2025:13647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13648", "reference_id": "RHSA-2025:13648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13649", "reference_id": "RHSA-2025:13649", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13649" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13650", "reference_id": "RHSA-2025:13650", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13650" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13651", "reference_id": "RHSA-2025:13651", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13651" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13676", "reference_id": "RHSA-2025:13676", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13676" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1971581", "reference_id": "show_bug.cgi?id=1971581", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:32:07Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1971581" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-8028" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9nya-5uwj-bbae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/323?format=api", "vulnerability_id": "VCID-9yhq-waqd-fbgb", "summary": "Memory safety bugs present in Firefox ESR 140.10.0 and Firefox 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7323.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7323.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-7323", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05846", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-7323" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7323", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7323" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463481", "reference_id": "2463481", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463481" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=2028537%2C2029911%2C2031121%2C2033602", "reference_id": "buglist.cgi?bug_id=2028537%2C2029911%2C2031121%2C2033602", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-30T03:55:56Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=2028537%2C2029911%2C2031121%2C2033602" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-35", "reference_id": "mfsa2026-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-35" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-35/", "reference_id": "mfsa2026-35", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-30T03:55:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-35/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-36", "reference_id": "mfsa2026-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-36" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-36/", "reference_id": "mfsa2026-36", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-30T03:55:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-36/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-38", "reference_id": "mfsa2026-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-38" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-38/", "reference_id": "mfsa2026-38", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-30T03:55:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-38/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-39", "reference_id": "mfsa2026-39", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-39" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-39/", "reference_id": "mfsa2026-39", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-30T03:55:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-39/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19153", "reference_id": "RHSA-2026:19153", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19153" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19157", "reference_id": "RHSA-2026:19157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19370", "reference_id": "RHSA-2026:19370", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19370" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19588", "reference_id": "RHSA-2026:19588", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19588" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:20586", "reference_id": "RHSA-2026:20586", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:20586" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21743", "reference_id": "RHSA-2026:21743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22324", "reference_id": "RHSA-2026:22324", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22324" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22408", "reference_id": "RHSA-2026:22408", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22409", "reference_id": "RHSA-2026:22409", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22409" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22410", "reference_id": "RHSA-2026:22410", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22410" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22708", "reference_id": "RHSA-2026:22708", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22708" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22712", "reference_id": "RHSA-2026:22712", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22712" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22847", "reference_id": "RHSA-2026:22847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22847" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-7323" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9yhq-waqd-fbgb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/437?format=api", "vulnerability_id": "VCID-a1ue-4u75-a3hu", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6750.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6750.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6750", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.1559", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6750" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460102", "reference_id": "2460102", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460102" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T03:56:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-31", "reference_id": "mfsa2026-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-31" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-31/", "reference_id": "mfsa2026-31", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T03:56:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-31/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-32/", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T03:56:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-32/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T03:56:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-34/", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T03:56:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-34/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10757", "reference_id": "RHSA-2026:10757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10766", "reference_id": "RHSA-2026:10766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10767", "reference_id": "RHSA-2026:10767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12285", "reference_id": "RHSA-2026:12285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13537", "reference_id": "RHSA-2026:13537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15892", "reference_id": "RHSA-2026:15892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17477", "reference_id": "RHSA-2026:17477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17687", "reference_id": "RHSA-2026:17687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17688", "reference_id": "RHSA-2026:17688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17689", "reference_id": "RHSA-2026:17689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17690", "reference_id": "RHSA-2026:17690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19041", "reference_id": "RHSA-2026:19041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19131", "reference_id": "RHSA-2026:19131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19201", "reference_id": "RHSA-2026:19201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19461", "reference_id": "RHSA-2026:19461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19462", "reference_id": "RHSA-2026:19462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19463", "reference_id": "RHSA-2026:19463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19464", "reference_id": "RHSA-2026:19464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19465", "reference_id": "RHSA-2026:19465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19466", "reference_id": "RHSA-2026:19466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19467", "reference_id": "RHSA-2026:19467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19468", "reference_id": "RHSA-2026:19468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19469", "reference_id": "RHSA-2026:19469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19542", "reference_id": "RHSA-2026:19542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19655", "reference_id": "RHSA-2026:19655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19704", "reference_id": "RHSA-2026:19704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19704" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2023407", "reference_id": "show_bug.cgi?id=2023407", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T03:56:00Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2023407" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-6750" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a1ue-4u75-a3hu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/351?format=api", "vulnerability_id": "VCID-a3h3-f7f4-kbgx", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2781.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2781.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2781", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18266", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2781" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442292", "reference_id": "2442292", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442292" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-31", "reference_id": "mfsa2026-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-31" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-31/", "reference_id": "mfsa2026-31", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-31/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2009552", "reference_id": "show_bug.cgi?id=2009552", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:07:29Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2009552" }, { "reference_url": "https://usn.ubuntu.com/8071-1/", "reference_id": "USN-8071-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8071-1/" }, { "reference_url": "https://usn.ubuntu.com/8071-2/", "reference_id": "USN-8071-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8071-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2781" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a3h3-f7f4-kbgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33?format=api", "vulnerability_id": "VCID-a4tr-trur-rfd7", "summary": "An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines.\nWe have had reports of this vulnerability being exploited in the wild.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9680.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9680.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9680", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.30808", "scoring_system": "epss", "scoring_elements": "0.96826", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9680" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9680", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9680" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1084989", "reference_id": "1084989", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1084989" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317442", "reference_id": "2317442", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317442" }, { "reference_url": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-49039", "reference_id": "CVE-2024-49039", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-10-16T12:58:45Z/" } ], "url": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-49039" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-51", "reference_id": "mfsa2024-51", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-51" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-51/", "reference_id": "mfsa2024-51", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-10-16T12:58:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-51/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-52", "reference_id": "mfsa2024-52", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-52" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-52/", "reference_id": "mfsa2024-52", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-10-16T12:58:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-52/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7958", "reference_id": "RHSA-2024:7958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7977", "reference_id": "RHSA-2024:7977", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7977" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8024", "reference_id": "RHSA-2024:8024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8024" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8025", "reference_id": "RHSA-2024:8025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8026", "reference_id": "RHSA-2024:8026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8027", "reference_id": "RHSA-2024:8027", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8027" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8028", "reference_id": "RHSA-2024:8028", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8028" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8029", "reference_id": "RHSA-2024:8029", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8029" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8030", "reference_id": "RHSA-2024:8030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8031", "reference_id": "RHSA-2024:8031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8032", "reference_id": "RHSA-2024:8032", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8032" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8033", "reference_id": "RHSA-2024:8033", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8033" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8034", "reference_id": "RHSA-2024:8034", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8034" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8131", "reference_id": "RHSA-2024:8131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8166", "reference_id": "RHSA-2024:8166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8167", "reference_id": "RHSA-2024:8167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8176", "reference_id": "RHSA-2024:8176", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8176" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9552", "reference_id": "RHSA-2024:9552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9554", "reference_id": "RHSA-2024:9554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9554" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1923344", "reference_id": "show_bug.cgi?id=1923344", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-10-16T12:58:45Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1923344" }, { "reference_url": "https://usn.ubuntu.com/7065-1/", "reference_id": "USN-7065-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7065-1/" }, { "reference_url": "https://usn.ubuntu.com/7066-1/", "reference_id": "USN-7066-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7066-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2024-9680" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a4tr-trur-rfd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/329?format=api", "vulnerability_id": "VCID-a64u-ysv8-8bfw", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2759.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2759.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2759", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21419", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2759" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2759", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2759" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442307", "reference_id": "2442307", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442307" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:46:43Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-14/", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:46:43Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:46:43Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:46:43Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:46:43Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2010933", "reference_id": "show_bug.cgi?id=2010933", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:46:43Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2010933" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2759" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a64u-ysv8-8bfw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/286?format=api", "vulnerability_id": "VCID-afkr-dqwv-sqe7", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4689.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4689.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4689", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09331", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4689" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4689", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4689" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450718", "reference_id": "2450718", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450718" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016374", "reference_id": "show_bug.cgi?id=2016374", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:00Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016374" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4689" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-afkr-dqwv-sqe7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/287?format=api", "vulnerability_id": "VCID-ag6a-g7ud-zkga", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4690.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4690.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4690", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.0585", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4690" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4690", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4690" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450732", "reference_id": "2450732", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450732" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016375", "reference_id": "show_bug.cgi?id=2016375", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:01Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016375" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4690" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ag6a-g7ud-zkga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/697?format=api", "vulnerability_id": "VCID-ah8t-8he4-u3fx", "summary": "An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1009.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1009.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1009", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00799", "scoring_system": "epss", "scoring_elements": "0.74423", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1009" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343760", "reference_id": "2343760", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343760" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-07", "reference_id": "mfsa2025-07", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-07/", "reference_id": "mfsa2025-07", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-14T03:55:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-07/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-08", "reference_id": "mfsa2025-08", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-08" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-08/", "reference_id": "mfsa2025-08", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-14T03:55:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-08/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-09", "reference_id": "mfsa2025-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-09/", "reference_id": "mfsa2025-09", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-14T03:55:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-09/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-10", "reference_id": "mfsa2025-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-10/", "reference_id": "mfsa2025-10", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-14T03:55:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-10/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-11", "reference_id": "mfsa2025-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-11/", "reference_id": "mfsa2025-11", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-14T03:55:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-11/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1066", "reference_id": "RHSA-2025:1066", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1066" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1132", "reference_id": "RHSA-2025:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1133", "reference_id": "RHSA-2025:1133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1135", "reference_id": "RHSA-2025:1135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1136", "reference_id": "RHSA-2025:1136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1137", "reference_id": "RHSA-2025:1137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1138", "reference_id": "RHSA-2025:1138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1139", "reference_id": "RHSA-2025:1139", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1139" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1140", "reference_id": "RHSA-2025:1140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1184", "reference_id": "RHSA-2025:1184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1283", "reference_id": "RHSA-2025:1283", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1283" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1292", "reference_id": "RHSA-2025:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1317", "reference_id": "RHSA-2025:1317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1318", "reference_id": "RHSA-2025:1318", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1318" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1319", "reference_id": "RHSA-2025:1319", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1319" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1339", "reference_id": "RHSA-2025:1339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1340", "reference_id": "RHSA-2025:1340", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1340" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1341", "reference_id": "RHSA-2025:1341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1348", "reference_id": "RHSA-2025:1348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1348" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1936613", "reference_id": "show_bug.cgi?id=1936613", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-14T03:55:36Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1936613" }, { "reference_url": "https://usn.ubuntu.com/7263-1/", "reference_id": "USN-7263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7263-1/" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-1009" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ah8t-8he4-u3fx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/288?format=api", "vulnerability_id": "VCID-ajuf-pwx9-dyat", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4691.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4691.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4691", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.12164", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4691" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4691", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4691" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450738", "reference_id": "2450738", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450738" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2017512", "reference_id": "show_bug.cgi?id=2017512", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T12:49:03Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2017512" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4691" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ajuf-pwx9-dyat" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/705?format=api", "vulnerability_id": "VCID-aq6c-ew84-hbg3", "summary": "When a file download is specified via the Content-Disposition header, that directive would be ignored if the file was included via a <embed> or <object> tag, potentially making a website vulnerable to a cross-site scripting attack.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6430.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6430.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6430", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0037", "scoring_system": "epss", "scoring_elements": "0.59181", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6430" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6430", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6430" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374555", "reference_id": "2374555", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374555" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-51", "reference_id": "mfsa2025-51", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-51" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-51/", "reference_id": "mfsa2025-51", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-51/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-53", "reference_id": "mfsa2025-53", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-53" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-53/", "reference_id": "mfsa2025-53", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-53/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-54", "reference_id": "mfsa2025-54", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-54" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-54/", "reference_id": "mfsa2025-54", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-54/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-55", "reference_id": "mfsa2025-55", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-55" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-55/", "reference_id": "mfsa2025-55", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-55/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10072", "reference_id": "RHSA-2025:10072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10073", "reference_id": "RHSA-2025:10073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10074", "reference_id": "RHSA-2025:10074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10159", "reference_id": "RHSA-2025:10159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10160", "reference_id": "RHSA-2025:10160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10161", "reference_id": "RHSA-2025:10161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10163", "reference_id": "RHSA-2025:10163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10164", "reference_id": "RHSA-2025:10164", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10165", "reference_id": "RHSA-2025:10165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10166", "reference_id": "RHSA-2025:10166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10181", "reference_id": "RHSA-2025:10181", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10181" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10182", "reference_id": "RHSA-2025:10182", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10182" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10183", "reference_id": "RHSA-2025:10183", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10183" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10184", "reference_id": "RHSA-2025:10184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10185", "reference_id": "RHSA-2025:10185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10186", "reference_id": "RHSA-2025:10186", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10186" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10187", "reference_id": "RHSA-2025:10187", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10187" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10188", "reference_id": "RHSA-2025:10188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10195", "reference_id": "RHSA-2025:10195", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10195" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10196", "reference_id": "RHSA-2025:10196", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10196" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10246", "reference_id": "RHSA-2025:10246", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10246" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1971140", "reference_id": "show_bug.cgi?id=1971140", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:08Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1971140" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-6430" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aq6c-ew84-hbg3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/303?format=api", "vulnerability_id": "VCID-b71m-y81y-cffg", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4707.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4707.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4707", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05604", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4707" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4707", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4707" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450755", "reference_id": "2450755", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450755" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015267", "reference_id": "show_bug.cgi?id=2015267", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:37:12Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015267" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4707" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b71m-y81y-cffg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/701?format=api", "vulnerability_id": "VCID-ba87-4h5x-qfgj", "summary": "A use-after-free in FontFaceSet resulted in a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6424.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6424.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6424", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01103", "scoring_system": "epss", "scoring_elements": "0.78438", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6424" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6424", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6424" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374559", "reference_id": "2374559", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374559" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-51", "reference_id": "mfsa2025-51", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-51" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-51/", "reference_id": "mfsa2025-51", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-25T12:36:06Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-51/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-52", "reference_id": "mfsa2025-52", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-52" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-52/", "reference_id": "mfsa2025-52", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-25T12:36:06Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-52/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-53", "reference_id": "mfsa2025-53", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-53" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-53/", "reference_id": "mfsa2025-53", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-25T12:36:06Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-53/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-54", "reference_id": "mfsa2025-54", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-54" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-54/", "reference_id": "mfsa2025-54", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-25T12:36:06Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-54/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-55", "reference_id": "mfsa2025-55", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-55" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-55/", "reference_id": "mfsa2025-55", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-25T12:36:06Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-55/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10072", "reference_id": "RHSA-2025:10072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10073", "reference_id": "RHSA-2025:10073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10074", "reference_id": "RHSA-2025:10074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10159", "reference_id": "RHSA-2025:10159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10160", "reference_id": "RHSA-2025:10160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10161", "reference_id": "RHSA-2025:10161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10163", "reference_id": "RHSA-2025:10163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10164", "reference_id": "RHSA-2025:10164", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10165", "reference_id": "RHSA-2025:10165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10166", "reference_id": "RHSA-2025:10166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10181", "reference_id": "RHSA-2025:10181", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10181" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10182", "reference_id": "RHSA-2025:10182", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10182" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10183", "reference_id": "RHSA-2025:10183", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10183" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10184", "reference_id": "RHSA-2025:10184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10185", "reference_id": "RHSA-2025:10185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10186", "reference_id": "RHSA-2025:10186", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10186" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10187", "reference_id": "RHSA-2025:10187", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10187" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10188", "reference_id": "RHSA-2025:10188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10195", "reference_id": "RHSA-2025:10195", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10195" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10196", "reference_id": "RHSA-2025:10196", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10196" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10246", "reference_id": "RHSA-2025:10246", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10246" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1966423", "reference_id": "show_bug.cgi?id=1966423", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-25T12:36:06Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1966423" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-6424" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ba87-4h5x-qfgj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/793?format=api", "vulnerability_id": "VCID-bddb-uxzg-5yau", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14322.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14322.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14322", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.1213", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14322" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14322", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14322" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420506", "reference_id": "2420506", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420506" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-92", "reference_id": "mfsa2025-92", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-92" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-92/", "reference_id": "mfsa2025-92", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-92/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-93", "reference_id": "mfsa2025-93", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-93" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-93/", "reference_id": "mfsa2025-93", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-93/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-94", "reference_id": "mfsa2025-94", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-94" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-94/", "reference_id": "mfsa2025-94", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-94/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-95", "reference_id": "mfsa2025-95", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-95" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-95/", "reference_id": "mfsa2025-95", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-95/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-96", "reference_id": "mfsa2025-96", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-96" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-96/", "reference_id": "mfsa2025-96", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-96/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23034", "reference_id": "RHSA-2025:23034", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23034" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23035", "reference_id": "RHSA-2025:23035", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23035" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23128", "reference_id": "RHSA-2025:23128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23856", "reference_id": "RHSA-2025:23856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0003", "reference_id": "RHSA-2026:0003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0004", "reference_id": "RHSA-2026:0004", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0005", "reference_id": "RHSA-2026:0005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0006", "reference_id": "RHSA-2026:0006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0007", "reference_id": "RHSA-2026:0007", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0007" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0013", "reference_id": "RHSA-2026:0013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0014", "reference_id": "RHSA-2026:0014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0015", "reference_id": "RHSA-2026:0015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0016", "reference_id": "RHSA-2026:0016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0017", "reference_id": "RHSA-2026:0017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0018", "reference_id": "RHSA-2026:0018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0019", "reference_id": "RHSA-2026:0019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0020", "reference_id": "RHSA-2026:0020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0021", "reference_id": "RHSA-2026:0021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0022", "reference_id": "RHSA-2026:0022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0023", "reference_id": "RHSA-2026:0023", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0023" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0024", "reference_id": "RHSA-2026:0024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0024" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0025", "reference_id": "RHSA-2026:0025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0026", "reference_id": "RHSA-2026:0026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0124", "reference_id": "RHSA-2026:0124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0127", "reference_id": "RHSA-2026:0127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0127" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1996473", "reference_id": "show_bug.cgi?id=1996473", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:18Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1996473" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-14322" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bddb-uxzg-5yau" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/300?format=api", "vulnerability_id": "VCID-bgy5-ncd5-zfa2", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4704.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4704.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4704", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06484", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4704" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4704", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4704" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450756", "reference_id": "2450756", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450756" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014868", "reference_id": "show_bug.cgi?id=2014868", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:50:26Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014868" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4704" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bgy5-ncd5-zfa2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/318?format=api", "vulnerability_id": "VCID-bshf-uudf-vfa7", "summary": "Memory safety bugs present in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4721.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4721.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4721", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07877", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4721" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4721" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450711", "reference_id": "2450711", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450711" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=2013762%2C2015291%2C2016591%2C2016661%2C2016664%2C2017303%2C2017894%2C2018090%2C2018196%2C2018379%2C2019112%2C2022090%2C2022243%2C2022351%2C2022478%2C2022676", "reference_id": "buglist.cgi?bug_id=2013762%2C2015291%2C2016591%2C2016661%2C2016664%2C2017303%2C2017894%2C2018090%2C2018196%2C2018379%2C2019112%2C2022090%2C2022243%2C2022351%2C2022478%2C2022676", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=2013762%2C2015291%2C2016591%2C2016661%2C2016664%2C2017303%2C2017894%2C2018090%2C2018196%2C2018379%2C2019112%2C2022090%2C2022243%2C2022351%2C2022478%2C2022676" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:11Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4721" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bshf-uudf-vfa7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/290?format=api", "vulnerability_id": "VCID-btqx-pwd3-k7bw", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4693.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4693.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4693", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.0805", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4693" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4693", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4693" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450741", "reference_id": "2450741", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450741" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2018102", "reference_id": "show_bug.cgi?id=2018102", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:50:23Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2018102" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4693" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-btqx-pwd3-k7bw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/844?format=api", "vulnerability_id": "VCID-buzz-h9y8-6qbf", "summary": "Memory safety bug present in Firefox ESR 128.9, and Thunderbird 128.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4093.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4093.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4093", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00367", "scoring_system": "epss", "scoring_elements": "0.58975", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4093" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4093", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4093" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362915", "reference_id": "2362915", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362915" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-29", "reference_id": "mfsa2025-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-29/", "reference_id": "mfsa2025-29", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T15:16:24Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-32", "reference_id": "mfsa2025-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-32/", "reference_id": "mfsa2025-32", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T15:16:24Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-32/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4443", "reference_id": "RHSA-2025:4443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4458", "reference_id": "RHSA-2025:4458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4460", "reference_id": "RHSA-2025:4460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4460" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4751", "reference_id": "RHSA-2025:4751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4751" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4752", "reference_id": "RHSA-2025:4752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4753", "reference_id": "RHSA-2025:4753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4756", "reference_id": "RHSA-2025:4756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4797", "reference_id": "RHSA-2025:4797", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4797" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7428", "reference_id": "RHSA-2025:7428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7506", "reference_id": "RHSA-2025:7506", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7506" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7507", "reference_id": "RHSA-2025:7507", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7507" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7543", "reference_id": "RHSA-2025:7543", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7543" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7544", "reference_id": "RHSA-2025:7544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7545", "reference_id": "RHSA-2025:7545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7547", "reference_id": "RHSA-2025:7547", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7547" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7689", "reference_id": "RHSA-2025:7689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7690", "reference_id": "RHSA-2025:7690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7691", "reference_id": "RHSA-2025:7691", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7691" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7692", "reference_id": "RHSA-2025:7692", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7692" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7693", "reference_id": "RHSA-2025:7693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7694", "reference_id": "RHSA-2025:7694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7695", "reference_id": "RHSA-2025:7695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7695" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1894100", "reference_id": "show_bug.cgi?id=1894100", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T15:16:24Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1894100" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-4093" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-buzz-h9y8-6qbf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/360?format=api", "vulnerability_id": "VCID-bv8f-vus1-53g3", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2790.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2790.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2790", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07578", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2790" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442313", "reference_id": "2442313", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442313" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:20:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:20:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:20:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:20:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2008426", "reference_id": "show_bug.cgi?id=2008426", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:20:32Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2008426" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2790" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bv8f-vus1-53g3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/447?format=api", "vulnerability_id": "VCID-byuc-7bjd-sqbt", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6764.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6764.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6764", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19921", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6764" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460106", "reference_id": "2460106", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460106" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:00:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-32/", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:00:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-32/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:00:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-34/", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:00:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-34/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10757", "reference_id": "RHSA-2026:10757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10766", "reference_id": "RHSA-2026:10766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10767", "reference_id": "RHSA-2026:10767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12285", "reference_id": "RHSA-2026:12285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13537", "reference_id": "RHSA-2026:13537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15892", "reference_id": "RHSA-2026:15892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17477", "reference_id": "RHSA-2026:17477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17687", "reference_id": "RHSA-2026:17687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17688", "reference_id": "RHSA-2026:17688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17689", "reference_id": "RHSA-2026:17689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17690", "reference_id": "RHSA-2026:17690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19041", "reference_id": "RHSA-2026:19041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19131", "reference_id": "RHSA-2026:19131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19201", "reference_id": "RHSA-2026:19201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19461", "reference_id": "RHSA-2026:19461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19462", "reference_id": "RHSA-2026:19462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19463", "reference_id": "RHSA-2026:19463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19464", "reference_id": "RHSA-2026:19464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19465", "reference_id": "RHSA-2026:19465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19466", "reference_id": "RHSA-2026:19466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19467", "reference_id": "RHSA-2026:19467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19468", "reference_id": "RHSA-2026:19468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19469", "reference_id": "RHSA-2026:19469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19542", "reference_id": "RHSA-2026:19542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19655", "reference_id": "RHSA-2026:19655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19704", "reference_id": "RHSA-2026:19704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19704" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2022162", "reference_id": "show_bug.cgi?id=2022162", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:00:30Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2022162" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-6764" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-byuc-7bjd-sqbt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/743?format=api", "vulnerability_id": "VCID-c25m-7d3t-4qdc", "summary": "Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5264.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5264.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5264", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.32623", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5264" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5264", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5264" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368751", "reference_id": "2368751", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368751" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42", "reference_id": "mfsa2025-42", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-42/", "reference_id": "mfsa2025-42", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-42/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-43", "reference_id": "mfsa2025-43", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-43" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-43/", "reference_id": "mfsa2025-43", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-43/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-44/", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-44/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45", "reference_id": "mfsa2025-45", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-45/", "reference_id": "mfsa2025-45", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-45/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-46/", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-46/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8293", "reference_id": "RHSA-2025:8293", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8293" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8308", "reference_id": "RHSA-2025:8308", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8308" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8341", "reference_id": "RHSA-2025:8341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8598", "reference_id": "RHSA-2025:8598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8599", "reference_id": "RHSA-2025:8599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8607", "reference_id": "RHSA-2025:8607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8607" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8608", "reference_id": "RHSA-2025:8608", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8608" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8628", "reference_id": "RHSA-2025:8628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8629", "reference_id": "RHSA-2025:8629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8630", "reference_id": "RHSA-2025:8630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8631", "reference_id": "RHSA-2025:8631", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8642", "reference_id": "RHSA-2025:8642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8756", "reference_id": "RHSA-2025:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9071", "reference_id": "RHSA-2025:9071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9071" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9072", "reference_id": "RHSA-2025:9072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9073", "reference_id": "RHSA-2025:9073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9074", "reference_id": "RHSA-2025:9074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9075", "reference_id": "RHSA-2025:9075", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9075" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9076", "reference_id": "RHSA-2025:9076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9077", "reference_id": "RHSA-2025:9077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9155", "reference_id": "RHSA-2025:9155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9155" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1950001", "reference_id": "show_bug.cgi?id=1950001", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:59Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1950001" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-5264" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c25m-7d3t-4qdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/347?format=api", "vulnerability_id": "VCID-c67s-85rf-ekep", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2777.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2777.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2777", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20922", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2777" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442312", "reference_id": "2442312", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442312" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:06Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-14/", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:06Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:06Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:06Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:06Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015305", "reference_id": "show_bug.cgi?id=2015305", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:06Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015305" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2777" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c67s-85rf-ekep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/335?format=api", "vulnerability_id": "VCID-c6pn-yvm2-nkgp", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2765.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2765.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2765", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.07088", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2765" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2765", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2765" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442333", "reference_id": "2442333", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442333" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:30:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:30:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:30:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:30:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013562", "reference_id": "show_bug.cgi?id=2013562", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:30:09Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013562" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2765" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c6pn-yvm2-nkgp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/699?format=api", "vulnerability_id": "VCID-cfa9-bcv2-xke8", "summary": "A race during concurrent delazification could have led to a use-after-free.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1012.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1012.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1012", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00427", "scoring_system": "epss", "scoring_elements": "0.62767", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1012" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343765", "reference_id": "2343765", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343765" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-07", "reference_id": "mfsa2025-07", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-07/", "reference_id": "mfsa2025-07", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T16:01:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-07/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-08", "reference_id": "mfsa2025-08", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-08" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-08/", "reference_id": "mfsa2025-08", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T16:01:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-08/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-09", "reference_id": "mfsa2025-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-09/", "reference_id": "mfsa2025-09", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T16:01:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-09/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-10", "reference_id": "mfsa2025-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-10/", "reference_id": "mfsa2025-10", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T16:01:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-10/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-11", "reference_id": "mfsa2025-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-11/", "reference_id": "mfsa2025-11", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T16:01:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-11/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1066", "reference_id": "RHSA-2025:1066", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1066" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1132", "reference_id": "RHSA-2025:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1133", "reference_id": "RHSA-2025:1133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1135", "reference_id": "RHSA-2025:1135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1136", "reference_id": "RHSA-2025:1136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1137", "reference_id": "RHSA-2025:1137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1138", "reference_id": "RHSA-2025:1138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1139", "reference_id": "RHSA-2025:1139", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1139" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1140", "reference_id": "RHSA-2025:1140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1184", "reference_id": "RHSA-2025:1184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1283", "reference_id": "RHSA-2025:1283", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1283" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1292", "reference_id": "RHSA-2025:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1317", "reference_id": "RHSA-2025:1317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1318", "reference_id": "RHSA-2025:1318", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1318" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1319", "reference_id": "RHSA-2025:1319", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1319" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1339", "reference_id": "RHSA-2025:1339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1340", "reference_id": "RHSA-2025:1340", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1340" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1341", "reference_id": "RHSA-2025:1341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1348", "reference_id": "RHSA-2025:1348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1348" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1939710", "reference_id": "show_bug.cgi?id=1939710", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T16:01:27Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1939710" }, { "reference_url": "https://usn.ubuntu.com/7263-1/", "reference_id": "USN-7263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7263-1/" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-1012" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cfa9-bcv2-xke8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/455?format=api", "vulnerability_id": "VCID-ck16-s95h-wqf7", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6776.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6776.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6776", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02855", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6776" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460110", "reference_id": "2460110", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460110" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T13:49:53Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-32/", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T13:49:53Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-32/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T13:49:53Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-34/", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T13:49:53Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-34/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10757", "reference_id": "RHSA-2026:10757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10766", "reference_id": "RHSA-2026:10766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10767", "reference_id": "RHSA-2026:10767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12285", "reference_id": "RHSA-2026:12285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13537", "reference_id": "RHSA-2026:13537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15892", "reference_id": "RHSA-2026:15892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17477", "reference_id": "RHSA-2026:17477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17687", "reference_id": "RHSA-2026:17687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17688", "reference_id": "RHSA-2026:17688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17689", "reference_id": "RHSA-2026:17689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17690", "reference_id": "RHSA-2026:17690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19041", "reference_id": "RHSA-2026:19041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19131", "reference_id": "RHSA-2026:19131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19201", "reference_id": "RHSA-2026:19201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19461", "reference_id": "RHSA-2026:19461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19462", "reference_id": "RHSA-2026:19462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19463", "reference_id": "RHSA-2026:19463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19464", "reference_id": "RHSA-2026:19464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19465", "reference_id": "RHSA-2026:19465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19466", "reference_id": "RHSA-2026:19466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19467", "reference_id": "RHSA-2026:19467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19468", "reference_id": "RHSA-2026:19468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19469", "reference_id": "RHSA-2026:19469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19542", "reference_id": "RHSA-2026:19542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19655", "reference_id": "RHSA-2026:19655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19704", "reference_id": "RHSA-2026:19704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19704" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2021770", "reference_id": "show_bug.cgi?id=2021770", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T13:49:53Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2021770" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-6776" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ck16-s95h-wqf7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/451?format=api", "vulnerability_id": "VCID-csrv-t7e2-gqa5", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6769.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6769.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6769", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.15316", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6769" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6769", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6769" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460108", "reference_id": "2460108", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460108" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-26T17:52:22Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-32/", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-26T17:52:22Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-32/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-26T17:52:22Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-34/", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-26T17:52:22Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-34/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10757", "reference_id": "RHSA-2026:10757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10766", "reference_id": "RHSA-2026:10766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10767", "reference_id": "RHSA-2026:10767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12285", "reference_id": "RHSA-2026:12285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13537", "reference_id": "RHSA-2026:13537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15892", "reference_id": "RHSA-2026:15892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17477", "reference_id": "RHSA-2026:17477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17687", "reference_id": "RHSA-2026:17687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17688", "reference_id": "RHSA-2026:17688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17689", "reference_id": "RHSA-2026:17689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17690", "reference_id": "RHSA-2026:17690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19041", "reference_id": "RHSA-2026:19041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19131", "reference_id": "RHSA-2026:19131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19201", "reference_id": "RHSA-2026:19201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19461", "reference_id": "RHSA-2026:19461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19462", "reference_id": "RHSA-2026:19462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19463", "reference_id": "RHSA-2026:19463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19464", "reference_id": "RHSA-2026:19464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19465", "reference_id": "RHSA-2026:19465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19466", "reference_id": "RHSA-2026:19466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19467", "reference_id": "RHSA-2026:19467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19468", "reference_id": "RHSA-2026:19468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19469", "reference_id": "RHSA-2026:19469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19542", "reference_id": "RHSA-2026:19542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19655", "reference_id": "RHSA-2026:19655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19704", "reference_id": "RHSA-2026:19704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19704" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2023753", "reference_id": "show_bug.cgi?id=2023753", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-26T17:52:22Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2023753" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-6769" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-csrv-t7e2-gqa5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/321?format=api", "vulnerability_id": "VCID-cut7-1fc1-77bj", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7320.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7320.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-7320", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17158", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-7320" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7320", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7320" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463483", "reference_id": "2463483", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463483" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-35", "reference_id": "mfsa2026-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-35" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-35/", "reference_id": "mfsa2026-35", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:36:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-35/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-36", "reference_id": "mfsa2026-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-36" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-36/", "reference_id": "mfsa2026-36", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:36:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-36/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-37", "reference_id": "mfsa2026-37", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-37" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-37/", "reference_id": "mfsa2026-37", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:36:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-37/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-38", "reference_id": "mfsa2026-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-38" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-38/", "reference_id": "mfsa2026-38", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:36:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-38/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-39", "reference_id": "mfsa2026-39", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-39" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-39/", "reference_id": "mfsa2026-39", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:36:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-39/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19153", "reference_id": "RHSA-2026:19153", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19153" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19157", "reference_id": "RHSA-2026:19157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19370", "reference_id": "RHSA-2026:19370", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19370" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19588", "reference_id": "RHSA-2026:19588", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19588" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:20586", "reference_id": "RHSA-2026:20586", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:20586" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21743", "reference_id": "RHSA-2026:21743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22324", "reference_id": "RHSA-2026:22324", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22324" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22408", "reference_id": "RHSA-2026:22408", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22409", "reference_id": "RHSA-2026:22409", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22409" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22410", "reference_id": "RHSA-2026:22410", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22410" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22708", "reference_id": "RHSA-2026:22708", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22708" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22712", "reference_id": "RHSA-2026:22712", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22712" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22847", "reference_id": "RHSA-2026:22847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22847" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2027433", "reference_id": "show_bug.cgi?id=2027433", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:36:38Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2027433" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-7320" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cut7-1fc1-77bj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/774?format=api", "vulnerability_id": "VCID-cz8m-883z-xqg8", "summary": "The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0237.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0237.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0237", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.36949", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0237" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0237", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0237" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336182", "reference_id": "2336182", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336182" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-02/", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-04/", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-05/", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0080", "reference_id": "RHSA-2025:0080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0132", "reference_id": "RHSA-2025:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0133", "reference_id": "RHSA-2025:0133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0134", "reference_id": "RHSA-2025:0134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0135", "reference_id": "RHSA-2025:0135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0136", "reference_id": "RHSA-2025:0136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0137", "reference_id": "RHSA-2025:0137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0138", "reference_id": "RHSA-2025:0138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0144", "reference_id": "RHSA-2025:0144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0147", "reference_id": "RHSA-2025:0147", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0147" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0162", "reference_id": "RHSA-2025:0162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0165", "reference_id": "RHSA-2025:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0166", "reference_id": "RHSA-2025:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0167", "reference_id": "RHSA-2025:0167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0275", "reference_id": "RHSA-2025:0275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0281", "reference_id": "RHSA-2025:0281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0284", "reference_id": "RHSA-2025:0284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0286", "reference_id": "RHSA-2025:0286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0287", "reference_id": "RHSA-2025:0287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0287" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1915257", "reference_id": "show_bug.cgi?id=1915257", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1915257" }, { "reference_url": "https://usn.ubuntu.com/7191-1/", "reference_id": "USN-7191-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7191-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-0237" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cz8m-883z-xqg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350?format=api", "vulnerability_id": "VCID-d1gw-1y42-cbgm", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2780.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2780.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2780", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05566", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2780" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2780", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2780" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442334", "reference_id": "2442334", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442334" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2007829", "reference_id": "show_bug.cgi?id=2007829", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:56:05Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2007829" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2780" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d1gw-1y42-cbgm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/827?format=api", "vulnerability_id": "VCID-d5cm-c9z9-y7gt", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13015.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13015.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13015", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.1167", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13015" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414090", "reference_id": "2414090", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414090" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-87/", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:30:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-87/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-88/", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:30:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-88/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-89", "reference_id": "mfsa2025-89", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-89" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-89/", "reference_id": "mfsa2025-89", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:30:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-89/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21120", "reference_id": "RHSA-2025:21120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21121", "reference_id": "RHSA-2025:21121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21280", "reference_id": "RHSA-2025:21280", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21280" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21281", "reference_id": "RHSA-2025:21281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21841", "reference_id": "RHSA-2025:21841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21842", "reference_id": "RHSA-2025:21842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21843", "reference_id": "RHSA-2025:21843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21844", "reference_id": "RHSA-2025:21844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21881", "reference_id": "RHSA-2025:21881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22363", "reference_id": "RHSA-2025:22363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22367", "reference_id": "RHSA-2025:22367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22368", "reference_id": "RHSA-2025:22368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22369", "reference_id": "RHSA-2025:22369", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22371", "reference_id": "RHSA-2025:22371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22372", "reference_id": "RHSA-2025:22372", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22372" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22373", "reference_id": "RHSA-2025:22373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22374", "reference_id": "RHSA-2025:22374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22375", "reference_id": "RHSA-2025:22375", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22375" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22449", "reference_id": "RHSA-2025:22449", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22450", "reference_id": "RHSA-2025:22450", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22451", "reference_id": "RHSA-2025:22451", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22451" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22791", "reference_id": "RHSA-2025:22791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22792", "reference_id": "RHSA-2025:22792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22882", "reference_id": "RHSA-2025:22882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22883", "reference_id": "RHSA-2025:22883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22883" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1994164", "reference_id": "show_bug.cgi?id=1994164", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:30:38Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1994164" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-13015" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d5cm-c9z9-y7gt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/299?format=api", "vulnerability_id": "VCID-dscu-jj1c-h3f5", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4702.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4702.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4702", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07727", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4702" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4702", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4702" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450744", "reference_id": "2450744", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450744" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013560", "reference_id": "show_bug.cgi?id=2013560", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:48:14Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013560" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4702" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dscu-jj1c-h3f5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/801?format=api", "vulnerability_id": "VCID-dup7-7s5q-p7f1", "summary": "Memory safety bugs present in Firefox ESR 140.5, Thunderbird ESR 140.5, Firefox 145 and Thunderbird 145. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14333.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14333.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14333", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23382", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14333" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14333", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14333" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420502", "reference_id": "2420502", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420502" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1966501%2C1997639", "reference_id": "buglist.cgi?bug_id=1966501%2C1997639", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:13Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1966501%2C1997639" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-92", "reference_id": "mfsa2025-92", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-92" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-92/", "reference_id": "mfsa2025-92", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-92/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-94", "reference_id": "mfsa2025-94", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-94" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-94/", "reference_id": "mfsa2025-94", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-94/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-95", "reference_id": "mfsa2025-95", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-95" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-95/", "reference_id": "mfsa2025-95", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-95/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-96", "reference_id": "mfsa2025-96", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-96" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-96/", "reference_id": "mfsa2025-96", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-96/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23034", "reference_id": "RHSA-2025:23034", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23034" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23035", "reference_id": "RHSA-2025:23035", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23035" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23128", "reference_id": "RHSA-2025:23128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23856", "reference_id": "RHSA-2025:23856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0003", "reference_id": "RHSA-2026:0003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0004", "reference_id": "RHSA-2026:0004", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0005", "reference_id": "RHSA-2026:0005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0006", "reference_id": "RHSA-2026:0006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0007", "reference_id": "RHSA-2026:0007", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0007" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0013", "reference_id": "RHSA-2026:0013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0014", "reference_id": "RHSA-2026:0014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0015", "reference_id": "RHSA-2026:0015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0016", "reference_id": "RHSA-2026:0016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0017", "reference_id": "RHSA-2026:0017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0018", "reference_id": "RHSA-2026:0018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0019", "reference_id": "RHSA-2026:0019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0020", "reference_id": "RHSA-2026:0020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0021", "reference_id": "RHSA-2026:0021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0022", "reference_id": "RHSA-2026:0022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0023", "reference_id": "RHSA-2026:0023", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0023" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0024", "reference_id": "RHSA-2026:0024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0024" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0025", "reference_id": "RHSA-2026:0025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0026", "reference_id": "RHSA-2026:0026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0124", "reference_id": "RHSA-2026:0124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0127", "reference_id": "RHSA-2026:0127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0127" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-14333" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dup7-7s5q-p7f1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/822?format=api", "vulnerability_id": "VCID-e1h3-huhs-57cy", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13018.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13018.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13018", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10582", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13018" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13018", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13018" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414079", "reference_id": "2414079", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414079" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-87/", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:10:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-87/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-88/", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:10:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-88/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-90/", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:10:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-90/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-91/", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:10:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-91/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21120", "reference_id": "RHSA-2025:21120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21121", "reference_id": "RHSA-2025:21121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21280", "reference_id": "RHSA-2025:21280", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21280" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21281", "reference_id": "RHSA-2025:21281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21841", "reference_id": "RHSA-2025:21841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21842", "reference_id": "RHSA-2025:21842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21843", "reference_id": "RHSA-2025:21843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21844", "reference_id": "RHSA-2025:21844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21881", "reference_id": "RHSA-2025:21881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22363", "reference_id": "RHSA-2025:22363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22367", "reference_id": "RHSA-2025:22367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22368", "reference_id": "RHSA-2025:22368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22369", "reference_id": "RHSA-2025:22369", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22371", "reference_id": "RHSA-2025:22371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22372", "reference_id": "RHSA-2025:22372", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22372" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22373", "reference_id": "RHSA-2025:22373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22374", "reference_id": "RHSA-2025:22374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22375", "reference_id": "RHSA-2025:22375", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22375" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22449", "reference_id": "RHSA-2025:22449", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22450", "reference_id": "RHSA-2025:22450", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22451", "reference_id": "RHSA-2025:22451", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22451" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22791", "reference_id": "RHSA-2025:22791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22792", "reference_id": "RHSA-2025:22792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22882", "reference_id": "RHSA-2025:22882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22883", "reference_id": "RHSA-2025:22883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22883" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1984940", "reference_id": "show_bug.cgi?id=1984940", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:10:48Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1984940" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-13018" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e1h3-huhs-57cy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/824?format=api", "vulnerability_id": "VCID-e3wt-r6nd-fqd4", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13013.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13013.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13013", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17358", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13013" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414091", "reference_id": "2414091", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414091" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-87/", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:35:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-87/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-88/", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:35:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-88/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-89", "reference_id": "mfsa2025-89", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-89" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-89/", "reference_id": "mfsa2025-89", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:35:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-89/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-90/", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:35:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-90/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-91/", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:35:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-91/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21120", "reference_id": "RHSA-2025:21120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21121", "reference_id": "RHSA-2025:21121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21280", "reference_id": "RHSA-2025:21280", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21280" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21281", "reference_id": "RHSA-2025:21281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21841", "reference_id": "RHSA-2025:21841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21842", "reference_id": "RHSA-2025:21842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21843", "reference_id": "RHSA-2025:21843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21844", "reference_id": "RHSA-2025:21844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21881", "reference_id": "RHSA-2025:21881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22363", "reference_id": "RHSA-2025:22363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22367", "reference_id": "RHSA-2025:22367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22368", "reference_id": "RHSA-2025:22368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22369", "reference_id": "RHSA-2025:22369", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22371", "reference_id": "RHSA-2025:22371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22372", "reference_id": "RHSA-2025:22372", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22372" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22373", "reference_id": "RHSA-2025:22373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22374", "reference_id": "RHSA-2025:22374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22375", "reference_id": "RHSA-2025:22375", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22375" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22449", "reference_id": "RHSA-2025:22449", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22450", "reference_id": "RHSA-2025:22450", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22451", "reference_id": "RHSA-2025:22451", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22451" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22791", "reference_id": "RHSA-2025:22791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22792", "reference_id": "RHSA-2025:22792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22882", "reference_id": "RHSA-2025:22882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22883", "reference_id": "RHSA-2025:22883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22883" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1991945", "reference_id": "show_bug.cgi?id=1991945", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:35:19Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1991945" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-13013" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e3wt-r6nd-fqd4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/412?format=api", "vulnerability_id": "VCID-e6vb-fr1v-abe1", "summary": "Memory safety bugs present in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0891.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0891.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0891", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08669", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0891" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0891", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0891" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428963", "reference_id": "2428963", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428963" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1964722%2C2000981%2C2003100%2C2003278", "reference_id": "buglist.cgi?bug_id=1964722%2C2000981%2C2003100%2C2003278", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-15T04:56:05Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1964722%2C2000981%2C2003100%2C2003278" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-01", "reference_id": "mfsa2026-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-01/", "reference_id": "mfsa2026-01", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-15T04:56:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-03", "reference_id": "mfsa2026-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-03/", "reference_id": "mfsa2026-03", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-15T04:56:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-03/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-04", "reference_id": "mfsa2026-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-04/", "reference_id": "mfsa2026-04", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-15T04:56:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-05", "reference_id": "mfsa2026-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-05/", "reference_id": "mfsa2026-05", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-15T04:56:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0667", "reference_id": "RHSA-2026:0667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0694", "reference_id": "RHSA-2026:0694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0924", "reference_id": "RHSA-2026:0924", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0924" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1320", "reference_id": "RHSA-2026:1320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1413", "reference_id": "RHSA-2026:1413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1413" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1414", "reference_id": "RHSA-2026:1414", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1415", "reference_id": "RHSA-2026:1415", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1415" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1461", "reference_id": "RHSA-2026:1461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1462", "reference_id": "RHSA-2026:1462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1471", "reference_id": "RHSA-2026:1471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1487", "reference_id": "RHSA-2026:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2041", "reference_id": "RHSA-2026:2041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2043", "reference_id": "RHSA-2026:2043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2043" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2044", "reference_id": "RHSA-2026:2044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2047", "reference_id": "RHSA-2026:2047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2069", "reference_id": "RHSA-2026:2069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2070", "reference_id": "RHSA-2026:2070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2073", "reference_id": "RHSA-2026:2073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2074", "reference_id": "RHSA-2026:2074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2220", "reference_id": "RHSA-2026:2220", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2220" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2231", "reference_id": "RHSA-2026:2231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2271", "reference_id": "RHSA-2026:2271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2286", "reference_id": "RHSA-2026:2286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2286" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-0891" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e6vb-fr1v-abe1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/401?format=api", "vulnerability_id": "VCID-e8nq-4szw-efau", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0878.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0878.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0878", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10311", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0878" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0878", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0878" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428965", "reference_id": "2428965", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428965" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-01", "reference_id": "mfsa2026-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-01/", "reference_id": "mfsa2026-01", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:40:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-03", "reference_id": "mfsa2026-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-03/", "reference_id": "mfsa2026-03", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:40:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-03/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-04", "reference_id": "mfsa2026-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-04/", "reference_id": "mfsa2026-04", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:40:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-05", "reference_id": "mfsa2026-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-05/", "reference_id": "mfsa2026-05", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:40:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0667", "reference_id": "RHSA-2026:0667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0694", "reference_id": "RHSA-2026:0694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0924", "reference_id": "RHSA-2026:0924", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0924" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1320", "reference_id": "RHSA-2026:1320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1413", "reference_id": "RHSA-2026:1413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1413" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1414", "reference_id": "RHSA-2026:1414", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1415", "reference_id": "RHSA-2026:1415", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1415" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1461", "reference_id": "RHSA-2026:1461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1462", "reference_id": "RHSA-2026:1462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1471", "reference_id": "RHSA-2026:1471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1487", "reference_id": "RHSA-2026:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2041", "reference_id": "RHSA-2026:2041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2043", "reference_id": "RHSA-2026:2043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2043" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2044", "reference_id": "RHSA-2026:2044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2047", "reference_id": "RHSA-2026:2047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2069", "reference_id": "RHSA-2026:2069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2070", "reference_id": "RHSA-2026:2070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2073", "reference_id": "RHSA-2026:2073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2074", "reference_id": "RHSA-2026:2074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2220", "reference_id": "RHSA-2026:2220", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2220" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2231", "reference_id": "RHSA-2026:2231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2271", "reference_id": "RHSA-2026:2271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2286", "reference_id": "RHSA-2026:2286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2286" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2003989", "reference_id": "show_bug.cgi?id=2003989", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:40:42Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2003989" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-0878" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e8nq-4szw-efau" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/433?format=api", "vulnerability_id": "VCID-e8uz-464h-jfct", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6746.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6746.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6746", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21402", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6746" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6746" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460112", "reference_id": "2460112", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460112" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-31", "reference_id": "mfsa2026-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-31" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-31/", "reference_id": "mfsa2026-31", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-31/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-32/", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-32/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-34/", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-34/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10757", "reference_id": "RHSA-2026:10757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10766", "reference_id": "RHSA-2026:10766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10767", "reference_id": "RHSA-2026:10767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12285", "reference_id": "RHSA-2026:12285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13537", "reference_id": "RHSA-2026:13537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15892", "reference_id": "RHSA-2026:15892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17477", "reference_id": "RHSA-2026:17477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17687", "reference_id": "RHSA-2026:17687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17688", "reference_id": "RHSA-2026:17688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17689", "reference_id": "RHSA-2026:17689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17690", "reference_id": "RHSA-2026:17690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19041", "reference_id": "RHSA-2026:19041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19131", "reference_id": "RHSA-2026:19131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19201", "reference_id": "RHSA-2026:19201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19461", "reference_id": "RHSA-2026:19461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19462", "reference_id": "RHSA-2026:19462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19463", "reference_id": "RHSA-2026:19463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19464", "reference_id": "RHSA-2026:19464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19465", "reference_id": "RHSA-2026:19465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19466", "reference_id": "RHSA-2026:19466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19467", "reference_id": "RHSA-2026:19467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19468", "reference_id": "RHSA-2026:19468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19469", "reference_id": "RHSA-2026:19469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19542", "reference_id": "RHSA-2026:19542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19655", "reference_id": "RHSA-2026:19655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19704", "reference_id": "RHSA-2026:19704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19704" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014596", "reference_id": "show_bug.cgi?id=2014596", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:29Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014596" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-6746" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e8uz-464h-jfct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/450?format=api", "vulnerability_id": "VCID-e9n9-xud9-dkgv", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6767.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6767.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6767", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16693", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6767" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460086", "reference_id": "2460086", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460086" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:09:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-31", "reference_id": "mfsa2026-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-31" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-31/", "reference_id": "mfsa2026-31", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:09:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-31/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-32/", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:09:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-32/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:09:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-34/", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:09:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-34/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10757", "reference_id": "RHSA-2026:10757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10766", "reference_id": "RHSA-2026:10766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10767", "reference_id": "RHSA-2026:10767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12285", "reference_id": "RHSA-2026:12285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13537", "reference_id": "RHSA-2026:13537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15892", "reference_id": "RHSA-2026:15892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17477", "reference_id": "RHSA-2026:17477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17687", "reference_id": "RHSA-2026:17687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17688", "reference_id": "RHSA-2026:17688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17689", "reference_id": "RHSA-2026:17689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17690", "reference_id": "RHSA-2026:17690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19041", "reference_id": "RHSA-2026:19041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19131", "reference_id": "RHSA-2026:19131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19201", "reference_id": "RHSA-2026:19201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19461", "reference_id": "RHSA-2026:19461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19462", "reference_id": "RHSA-2026:19462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19463", "reference_id": "RHSA-2026:19463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19464", "reference_id": "RHSA-2026:19464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19465", "reference_id": "RHSA-2026:19465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19466", "reference_id": "RHSA-2026:19466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19467", "reference_id": "RHSA-2026:19467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19468", "reference_id": "RHSA-2026:19468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19469", "reference_id": "RHSA-2026:19469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19542", "reference_id": "RHSA-2026:19542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19655", "reference_id": "RHSA-2026:19655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19704", "reference_id": "RHSA-2026:19704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19704" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2023209", "reference_id": "show_bug.cgi?id=2023209", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:09:39Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2023209" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-6767" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e9n9-xud9-dkgv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/402?format=api", "vulnerability_id": "VCID-ec7k-fb24-jqg6", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0879.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0879.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0879", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09282", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0879" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0879", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0879" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428973", "reference_id": "2428973", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428973" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-01", "reference_id": "mfsa2026-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-01/", "reference_id": "mfsa2026-01", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:37:22Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-02", "reference_id": "mfsa2026-02", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-02/", "reference_id": "mfsa2026-02", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:37:22Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-03", "reference_id": "mfsa2026-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-03/", "reference_id": "mfsa2026-03", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:37:22Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-03/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-04", "reference_id": "mfsa2026-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-04/", "reference_id": "mfsa2026-04", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:37:22Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-05", "reference_id": "mfsa2026-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-05/", "reference_id": "mfsa2026-05", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:37:22Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0667", "reference_id": "RHSA-2026:0667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0694", "reference_id": "RHSA-2026:0694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0924", "reference_id": "RHSA-2026:0924", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0924" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1320", "reference_id": "RHSA-2026:1320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1413", "reference_id": "RHSA-2026:1413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1413" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1414", "reference_id": "RHSA-2026:1414", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1415", "reference_id": "RHSA-2026:1415", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1415" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1461", "reference_id": "RHSA-2026:1461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1462", "reference_id": "RHSA-2026:1462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1471", "reference_id": "RHSA-2026:1471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1487", "reference_id": "RHSA-2026:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2041", "reference_id": "RHSA-2026:2041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2043", "reference_id": "RHSA-2026:2043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2043" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2044", "reference_id": "RHSA-2026:2044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2047", "reference_id": "RHSA-2026:2047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2069", "reference_id": "RHSA-2026:2069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2070", "reference_id": "RHSA-2026:2070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2073", "reference_id": "RHSA-2026:2073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2074", "reference_id": "RHSA-2026:2074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2220", "reference_id": "RHSA-2026:2220", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2220" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2231", "reference_id": "RHSA-2026:2231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2271", "reference_id": "RHSA-2026:2271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2286", "reference_id": "RHSA-2026:2286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2286" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2004602", "reference_id": "show_bug.cgi?id=2004602", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:37:22Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2004602" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-0879" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ec7k-fb24-jqg6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/310?format=api", "vulnerability_id": "VCID-ewwr-wvtp-cygb", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4714.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4714.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4714", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06622", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4714" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4714", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4714" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450725", "reference_id": "2450725", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450725" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2018126", "reference_id": "show_bug.cgi?id=2018126", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:10:07Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2018126" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4714" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ewwr-wvtp-cygb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/444?format=api", "vulnerability_id": "VCID-exx3-yz3e-3uhq", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6761.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6761.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6761", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.15316", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6761" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6761", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6761" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460099", "reference_id": "2460099", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460099" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T03:56:02Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-32/", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T03:56:02Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-32/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T03:56:02Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-34/", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T03:56:02Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-34/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10757", "reference_id": "RHSA-2026:10757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10766", "reference_id": "RHSA-2026:10766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10767", "reference_id": "RHSA-2026:10767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12285", "reference_id": "RHSA-2026:12285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13537", "reference_id": "RHSA-2026:13537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15892", "reference_id": "RHSA-2026:15892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17477", "reference_id": "RHSA-2026:17477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17687", "reference_id": "RHSA-2026:17687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17688", "reference_id": "RHSA-2026:17688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17689", "reference_id": "RHSA-2026:17689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17690", "reference_id": "RHSA-2026:17690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19041", "reference_id": "RHSA-2026:19041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19131", "reference_id": "RHSA-2026:19131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19201", "reference_id": "RHSA-2026:19201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19461", "reference_id": "RHSA-2026:19461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19462", "reference_id": "RHSA-2026:19462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19463", "reference_id": "RHSA-2026:19463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19464", "reference_id": "RHSA-2026:19464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19465", "reference_id": "RHSA-2026:19465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19466", "reference_id": "RHSA-2026:19466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19467", "reference_id": "RHSA-2026:19467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19468", "reference_id": "RHSA-2026:19468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19469", "reference_id": "RHSA-2026:19469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19542", "reference_id": "RHSA-2026:19542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19655", "reference_id": "RHSA-2026:19655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19704", "reference_id": "RHSA-2026:19704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19704" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2017857", "reference_id": "show_bug.cgi?id=2017857", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T03:56:02Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2017857" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-6761" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-exx3-yz3e-3uhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/305?format=api", "vulnerability_id": "VCID-ey5c-yskx-nqbe", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4709.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4709.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4709", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.08047", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4709" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4709", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4709" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450726", "reference_id": "2450726", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450726" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016329", "reference_id": "show_bug.cgi?id=2016329", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016329" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016342", "reference_id": "show_bug.cgi?id=2016342", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T16:27:39Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016342" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4709" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ey5c-yskx-nqbe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/294?format=api", "vulnerability_id": "VCID-f2wb-161u-suc3", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4697.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4697.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4697", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06484", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4697" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4697", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4697" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450729", "reference_id": "2450729", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450729" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2020422", "reference_id": "show_bug.cgi?id=2020422", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:57:57Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2020422" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4697" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f2wb-161u-suc3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/409?format=api", "vulnerability_id": "VCID-f6tr-3mnj-yqhb", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0886.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0886.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0886", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05701", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0886" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0886", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0886" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428978", "reference_id": "2428978", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428978" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-01", "reference_id": "mfsa2026-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-01/", "reference_id": "mfsa2026-01", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:27:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-02", "reference_id": "mfsa2026-02", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-02/", "reference_id": "mfsa2026-02", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:27:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-03", "reference_id": "mfsa2026-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-03/", "reference_id": "mfsa2026-03", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:27:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-03/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-04", "reference_id": "mfsa2026-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-04/", "reference_id": "mfsa2026-04", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:27:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-05", "reference_id": "mfsa2026-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-05/", "reference_id": "mfsa2026-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:27:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0667", "reference_id": "RHSA-2026:0667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0694", "reference_id": "RHSA-2026:0694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0924", "reference_id": "RHSA-2026:0924", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0924" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1320", "reference_id": "RHSA-2026:1320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1413", "reference_id": "RHSA-2026:1413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1413" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1414", "reference_id": "RHSA-2026:1414", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1415", "reference_id": "RHSA-2026:1415", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1415" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1461", "reference_id": "RHSA-2026:1461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1462", "reference_id": "RHSA-2026:1462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1471", "reference_id": "RHSA-2026:1471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1487", "reference_id": "RHSA-2026:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2041", "reference_id": "RHSA-2026:2041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2043", "reference_id": "RHSA-2026:2043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2043" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2044", "reference_id": "RHSA-2026:2044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2047", "reference_id": "RHSA-2026:2047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2069", "reference_id": "RHSA-2026:2069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2070", "reference_id": "RHSA-2026:2070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2073", "reference_id": "RHSA-2026:2073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2074", "reference_id": "RHSA-2026:2074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2220", "reference_id": "RHSA-2026:2220", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2220" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2231", "reference_id": "RHSA-2026:2231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2271", "reference_id": "RHSA-2026:2271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2286", "reference_id": "RHSA-2026:2286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2286" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2005658", "reference_id": "show_bug.cgi?id=2005658", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:27:39Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2005658" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-0886" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f6tr-3mnj-yqhb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/327?format=api", "vulnerability_id": "VCID-f9cx-t7df-vkad", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2757.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2757.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2757", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21419", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2757" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442324", "reference_id": "2442324", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442324" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:39:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-14/", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:39:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:39:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:39:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:39:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2001637", "reference_id": "show_bug.cgi?id=2001637", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:39:17Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2001637" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2757" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f9cx-t7df-vkad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/446?format=api", "vulnerability_id": "VCID-fgwr-7rn9-qked", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6763.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6763.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6763", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19232", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6763" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6763" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460101", "reference_id": "2460101", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460101" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T20:12:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-32/", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T20:12:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-32/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T20:12:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-34/", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T20:12:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-34/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10757", "reference_id": "RHSA-2026:10757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10766", "reference_id": "RHSA-2026:10766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10767", "reference_id": "RHSA-2026:10767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12285", "reference_id": "RHSA-2026:12285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13537", "reference_id": "RHSA-2026:13537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15892", "reference_id": "RHSA-2026:15892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17477", "reference_id": "RHSA-2026:17477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17687", "reference_id": "RHSA-2026:17687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17688", "reference_id": "RHSA-2026:17688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17689", "reference_id": "RHSA-2026:17689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17690", "reference_id": "RHSA-2026:17690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19041", "reference_id": "RHSA-2026:19041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19131", "reference_id": "RHSA-2026:19131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19201", "reference_id": "RHSA-2026:19201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19461", "reference_id": "RHSA-2026:19461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19462", "reference_id": "RHSA-2026:19462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19463", "reference_id": "RHSA-2026:19463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19464", "reference_id": "RHSA-2026:19464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19465", "reference_id": "RHSA-2026:19465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19466", "reference_id": "RHSA-2026:19466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19467", "reference_id": "RHSA-2026:19467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19468", "reference_id": "RHSA-2026:19468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19469", "reference_id": "RHSA-2026:19469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19542", "reference_id": "RHSA-2026:19542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19655", "reference_id": "RHSA-2026:19655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19704", "reference_id": "RHSA-2026:19704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19704" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2021666", "reference_id": "show_bug.cgi?id=2021666", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T20:12:14Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2021666" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-6763" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fgwr-7rn9-qked" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/104?format=api", "vulnerability_id": "VCID-fqnp-zeze-yfcj", "summary": "A permission leak could have occurred from a trusted site to an untrusted site via embed or object elements.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10458.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10458.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10458", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00456", "scoring_system": "epss", "scoring_elements": "0.64254", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10458" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10458", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10458" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322428", "reference_id": "2322428", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322428" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-55/", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-56/", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-57", "reference_id": "mfsa2024-57", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-57" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-57/", "reference_id": "mfsa2024-57", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-57/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-58/", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-59/", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8720", "reference_id": "RHSA-2024:8720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8721", "reference_id": "RHSA-2024:8721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8722", "reference_id": "RHSA-2024:8722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8723", "reference_id": "RHSA-2024:8723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8724", "reference_id": "RHSA-2024:8724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8725", "reference_id": "RHSA-2024:8725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8726", "reference_id": "RHSA-2024:8726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8727", "reference_id": "RHSA-2024:8727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8728", "reference_id": "RHSA-2024:8728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8729", "reference_id": "RHSA-2024:8729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8790", "reference_id": "RHSA-2024:8790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8793", "reference_id": "RHSA-2024:8793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8793" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9015", "reference_id": "RHSA-2024:9015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9016", "reference_id": "RHSA-2024:9016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9017", "reference_id": "RHSA-2024:9017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9018", "reference_id": "RHSA-2024:9018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9019", "reference_id": "RHSA-2024:9019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9552", "reference_id": "RHSA-2024:9552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9554", "reference_id": "RHSA-2024:9554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9554" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1921733", "reference_id": "show_bug.cgi?id=1921733", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1921733" }, { "reference_url": "https://usn.ubuntu.com/7086-1/", "reference_id": "USN-7086-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7086-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2024-10458" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fqnp-zeze-yfcj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/759?format=api", "vulnerability_id": "VCID-fvdd-938n-2ybc", "summary": "Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, and Thunderbird 128.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1937.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1937.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1937", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.49232", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1937" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2349795", "reference_id": "2349795", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2349795" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1938471%2C1940716", "reference_id": "buglist.cgi?bug_id=1938471%2C1940716", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:10Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1938471%2C1940716" }, { "reference_url": "https://security.gentoo.org/glsa/202505-02", "reference_id": "GLSA-202505-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-02" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-14", "reference_id": "mfsa2025-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-14/", "reference_id": "mfsa2025-14", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-15", "reference_id": "mfsa2025-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-15/", "reference_id": "mfsa2025-15", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-16", "reference_id": "mfsa2025-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-16/", "reference_id": "mfsa2025-16", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-17", "reference_id": "mfsa2025-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-17/", "reference_id": "mfsa2025-17", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-17/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-18", "reference_id": "mfsa2025-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-18/", "reference_id": "mfsa2025-18", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-18/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2359", "reference_id": "RHSA-2025:2359", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2359" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2452", "reference_id": "RHSA-2025:2452", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2452" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2479", "reference_id": "RHSA-2025:2479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2480", "reference_id": "RHSA-2025:2480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2481", "reference_id": "RHSA-2025:2481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2484", "reference_id": "RHSA-2025:2484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2485", "reference_id": "RHSA-2025:2485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2486", "reference_id": "RHSA-2025:2486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2699", "reference_id": "RHSA-2025:2699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2708", "reference_id": "RHSA-2025:2708", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2708" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2899", "reference_id": "RHSA-2025:2899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2900", "reference_id": "RHSA-2025:2900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2957", "reference_id": "RHSA-2025:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2958", "reference_id": "RHSA-2025:2958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2959", "reference_id": "RHSA-2025:2959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2960", "reference_id": "RHSA-2025:2960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3009", "reference_id": "RHSA-2025:3009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3013", "reference_id": "RHSA-2025:3013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3036", "reference_id": "RHSA-2025:3036", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3036" }, { "reference_url": "https://usn.ubuntu.com/7334-1/", "reference_id": "USN-7334-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7334-1/" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-1937" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fvdd-938n-2ybc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/322?format=api", "vulnerability_id": "VCID-g2m7-vtmy-bfb2", "summary": "Memory safety bugs present in Firefox ESR 115.35.0, Firefox ESR 140.10.0 and Firefox 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7322.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7322.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-7322", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.0663", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-7322" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7322", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7322" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463484", "reference_id": "2463484", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463484" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-35", "reference_id": "mfsa2026-35", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-35" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-35/", "reference_id": "mfsa2026-35", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-30T03:55:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-35/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-36", "reference_id": "mfsa2026-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-36" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-36/", "reference_id": "mfsa2026-36", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-30T03:55:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-36/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-37", "reference_id": "mfsa2026-37", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-37" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-37/", "reference_id": "mfsa2026-37", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-30T03:55:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-37/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-38", "reference_id": "mfsa2026-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-38" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-38/", "reference_id": "mfsa2026-38", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-30T03:55:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-38/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-39", "reference_id": "mfsa2026-39", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-39" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-39/", "reference_id": "mfsa2026-39", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-30T03:55:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-39/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19153", "reference_id": "RHSA-2026:19153", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19153" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19157", "reference_id": "RHSA-2026:19157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19370", "reference_id": "RHSA-2026:19370", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19370" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19588", "reference_id": "RHSA-2026:19588", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19588" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:20586", "reference_id": "RHSA-2026:20586", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:20586" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21743", "reference_id": "RHSA-2026:21743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22324", "reference_id": "RHSA-2026:22324", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22324" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22408", "reference_id": "RHSA-2026:22408", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22409", "reference_id": "RHSA-2026:22409", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22409" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22410", "reference_id": "RHSA-2026:22410", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22410" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22708", "reference_id": "RHSA-2026:22708", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22708" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22712", "reference_id": "RHSA-2026:22712", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22712" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22847", "reference_id": "RHSA-2026:22847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22847" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-7322" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g2m7-vtmy-bfb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/453?format=api", "vulnerability_id": "VCID-g32m-6zmz-fbeq", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6771.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6771.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6771", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.21068", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6771" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460105", "reference_id": "2460105", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460105" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T19:31:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-32/", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T19:31:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-32/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T19:31:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-34/", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T19:31:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-34/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10757", "reference_id": "RHSA-2026:10757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10766", "reference_id": "RHSA-2026:10766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10767", "reference_id": "RHSA-2026:10767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12285", "reference_id": "RHSA-2026:12285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13537", "reference_id": "RHSA-2026:13537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15892", "reference_id": "RHSA-2026:15892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17477", "reference_id": "RHSA-2026:17477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17687", "reference_id": "RHSA-2026:17687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17688", "reference_id": "RHSA-2026:17688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17689", "reference_id": "RHSA-2026:17689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17690", "reference_id": "RHSA-2026:17690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19041", "reference_id": "RHSA-2026:19041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19131", "reference_id": "RHSA-2026:19131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19201", "reference_id": "RHSA-2026:19201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19461", "reference_id": "RHSA-2026:19461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19462", "reference_id": "RHSA-2026:19462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19463", "reference_id": "RHSA-2026:19463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19464", "reference_id": "RHSA-2026:19464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19465", "reference_id": "RHSA-2026:19465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19466", "reference_id": "RHSA-2026:19466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19467", "reference_id": "RHSA-2026:19467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19468", "reference_id": "RHSA-2026:19468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19469", "reference_id": "RHSA-2026:19469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19542", "reference_id": "RHSA-2026:19542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19655", "reference_id": "RHSA-2026:19655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19704", "reference_id": "RHSA-2026:19704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19704" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2025067", "reference_id": "show_bug.cgi?id=2025067", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T19:31:19Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2025067" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-6771" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g32m-6zmz-fbeq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/795?format=api", "vulnerability_id": "VCID-gsbq-8nr4-7bga", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14324.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14324.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14324", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.22215", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14324" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14324", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14324" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420517", "reference_id": "2420517", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420517" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-92", "reference_id": "mfsa2025-92", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-92" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-92/", "reference_id": "mfsa2025-92", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T20:01:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-92/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-93", "reference_id": "mfsa2025-93", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-93" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-93/", "reference_id": "mfsa2025-93", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T20:01:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-93/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-94", "reference_id": "mfsa2025-94", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-94" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-94/", "reference_id": "mfsa2025-94", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T20:01:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-94/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-95", "reference_id": "mfsa2025-95", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-95" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-95/", "reference_id": "mfsa2025-95", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T20:01:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-95/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-96", "reference_id": "mfsa2025-96", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-96" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-96/", "reference_id": "mfsa2025-96", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T20:01:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-96/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23034", "reference_id": "RHSA-2025:23034", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23034" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23035", "reference_id": "RHSA-2025:23035", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23035" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23128", "reference_id": "RHSA-2025:23128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23856", "reference_id": "RHSA-2025:23856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0003", "reference_id": "RHSA-2026:0003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0004", "reference_id": "RHSA-2026:0004", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0005", "reference_id": "RHSA-2026:0005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0006", "reference_id": "RHSA-2026:0006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0007", "reference_id": "RHSA-2026:0007", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0007" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0013", "reference_id": "RHSA-2026:0013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0014", "reference_id": "RHSA-2026:0014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0015", "reference_id": "RHSA-2026:0015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0016", "reference_id": "RHSA-2026:0016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0017", "reference_id": "RHSA-2026:0017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0018", "reference_id": "RHSA-2026:0018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0019", "reference_id": "RHSA-2026:0019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0020", "reference_id": "RHSA-2026:0020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0021", "reference_id": "RHSA-2026:0021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0022", "reference_id": "RHSA-2026:0022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0023", "reference_id": "RHSA-2026:0023", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0023" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0024", "reference_id": "RHSA-2026:0024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0024" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0025", "reference_id": "RHSA-2026:0025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0026", "reference_id": "RHSA-2026:0026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0124", "reference_id": "RHSA-2026:0124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0127", "reference_id": "RHSA-2026:0127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0127" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1996840", "reference_id": "show_bug.cgi?id=1996840", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T20:01:17Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1996840" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-14324" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gsbq-8nr4-7bga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/358?format=api", "vulnerability_id": "VCID-gseh-9bmg-q3hp", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2788.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2788.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2788", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.07287", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2788" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2788", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2788" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442302", "reference_id": "2442302", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442302" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:11:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-14/", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:11:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:11:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:11:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:11:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014824", "reference_id": "show_bug.cgi?id=2014824", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:11:58Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014824" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2788" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gseh-9bmg-q3hp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/448?format=api", "vulnerability_id": "VCID-guav-jpev-qqbw", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6765.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6765.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6765", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14927", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6765" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6765", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6765" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460107", "reference_id": "2460107", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460107" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:10:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-32/", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:10:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-32/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:10:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-34/", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:10:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-34/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10757", "reference_id": "RHSA-2026:10757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10766", "reference_id": "RHSA-2026:10766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10767", "reference_id": "RHSA-2026:10767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12285", "reference_id": "RHSA-2026:12285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13537", "reference_id": "RHSA-2026:13537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15892", "reference_id": "RHSA-2026:15892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17477", "reference_id": "RHSA-2026:17477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17687", "reference_id": "RHSA-2026:17687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17688", "reference_id": "RHSA-2026:17688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17689", "reference_id": "RHSA-2026:17689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17690", "reference_id": "RHSA-2026:17690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19041", "reference_id": "RHSA-2026:19041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19131", "reference_id": "RHSA-2026:19131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19201", "reference_id": "RHSA-2026:19201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19461", "reference_id": "RHSA-2026:19461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19462", "reference_id": "RHSA-2026:19462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19463", "reference_id": "RHSA-2026:19463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19464", "reference_id": "RHSA-2026:19464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19465", "reference_id": "RHSA-2026:19465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19466", "reference_id": "RHSA-2026:19466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19467", "reference_id": "RHSA-2026:19467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19468", "reference_id": "RHSA-2026:19468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19469", "reference_id": "RHSA-2026:19469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19542", "reference_id": "RHSA-2026:19542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19655", "reference_id": "RHSA-2026:19655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19704", "reference_id": "RHSA-2026:19704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19704" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2022419", "reference_id": "show_bug.cgi?id=2022419", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:10:32Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2022419" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-6765" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-guav-jpev-qqbw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/359?format=api", "vulnerability_id": "VCID-hcft-s1u3-hkbp", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2789.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2789.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2789", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05883", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2789" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2789", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2789" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442322", "reference_id": "2442322", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442322" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:15:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-14/", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:15:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:15:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:15:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:15:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015179", "reference_id": "show_bug.cgi?id=2015179", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:15:58Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015179" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2789" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hcft-s1u3-hkbp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/355?format=api", "vulnerability_id": "VCID-j3vd-wt1f-g3gj", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2785.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2785.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2785", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05757", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2785" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442284", "reference_id": "2442284", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442284" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:06:44Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:06:44Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:06:44Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:06:44Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013549", "reference_id": "show_bug.cgi?id=2013549", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:06:44Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013549" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2785" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j3vd-wt1f-g3gj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/403?format=api", "vulnerability_id": "VCID-j79f-pxjk-7qdh", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0880.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0880.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0880", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07958", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0880" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0880", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0880" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428975", "reference_id": "2428975", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428975" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-01", "reference_id": "mfsa2026-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-01/", "reference_id": "mfsa2026-01", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:40:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-02", "reference_id": "mfsa2026-02", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-02/", "reference_id": "mfsa2026-02", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:40:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-03", "reference_id": "mfsa2026-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-03/", "reference_id": "mfsa2026-03", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:40:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-03/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-04", "reference_id": "mfsa2026-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-04/", "reference_id": "mfsa2026-04", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:40:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-05", "reference_id": "mfsa2026-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-05/", "reference_id": "mfsa2026-05", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:40:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0667", "reference_id": "RHSA-2026:0667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0694", "reference_id": "RHSA-2026:0694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0924", "reference_id": "RHSA-2026:0924", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0924" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1320", "reference_id": "RHSA-2026:1320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1413", "reference_id": "RHSA-2026:1413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1413" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1414", "reference_id": "RHSA-2026:1414", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1415", "reference_id": "RHSA-2026:1415", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1415" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1461", "reference_id": "RHSA-2026:1461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1462", "reference_id": "RHSA-2026:1462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1471", "reference_id": "RHSA-2026:1471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1487", "reference_id": "RHSA-2026:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2041", "reference_id": "RHSA-2026:2041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2043", "reference_id": "RHSA-2026:2043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2043" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2044", "reference_id": "RHSA-2026:2044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2047", "reference_id": "RHSA-2026:2047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2069", "reference_id": "RHSA-2026:2069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2070", "reference_id": "RHSA-2026:2070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2073", "reference_id": "RHSA-2026:2073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2074", "reference_id": "RHSA-2026:2074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2220", "reference_id": "RHSA-2026:2220", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2220" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2231", "reference_id": "RHSA-2026:2231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2271", "reference_id": "RHSA-2026:2271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2286", "reference_id": "RHSA-2026:2286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2286" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2005014", "reference_id": "show_bug.cgi?id=2005014", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-13T18:40:37Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2005014" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-0880" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j79f-pxjk-7qdh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/449?format=api", "vulnerability_id": "VCID-je5a-edxm-rybv", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6766.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6766.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6766", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.15479", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6766" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6766", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6766" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460097", "reference_id": "2460097", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460097" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T16:37:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-32/", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T16:37:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-32/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T16:37:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-34/", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T16:37:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-34/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10757", "reference_id": "RHSA-2026:10757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10766", "reference_id": "RHSA-2026:10766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10767", "reference_id": "RHSA-2026:10767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12285", "reference_id": "RHSA-2026:12285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13537", "reference_id": "RHSA-2026:13537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15892", "reference_id": "RHSA-2026:15892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17477", "reference_id": "RHSA-2026:17477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17687", "reference_id": "RHSA-2026:17687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17688", "reference_id": "RHSA-2026:17688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17689", "reference_id": "RHSA-2026:17689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17690", "reference_id": "RHSA-2026:17690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19041", "reference_id": "RHSA-2026:19041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19131", "reference_id": "RHSA-2026:19131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19201", "reference_id": "RHSA-2026:19201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19461", "reference_id": "RHSA-2026:19461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19462", "reference_id": "RHSA-2026:19462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19463", "reference_id": "RHSA-2026:19463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19464", "reference_id": "RHSA-2026:19464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19465", "reference_id": "RHSA-2026:19465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19466", "reference_id": "RHSA-2026:19466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19467", "reference_id": "RHSA-2026:19467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19468", "reference_id": "RHSA-2026:19468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19469", "reference_id": "RHSA-2026:19469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19542", "reference_id": "RHSA-2026:19542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19655", "reference_id": "RHSA-2026:19655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19704", "reference_id": "RHSA-2026:19704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19704" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2023207", "reference_id": "show_bug.cgi?id=2023207", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T16:37:26Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2023207" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-6766" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-je5a-edxm-rybv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/306?format=api", "vulnerability_id": "VCID-jqar-tqxb-23bu", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4710.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4710.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4710", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07727", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4710" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450727", "reference_id": "2450727", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450727" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016370", "reference_id": "show_bug.cgi?id=2016370", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T18:52:46Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016370" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4710" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jqar-tqxb-23bu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/690?format=api", "vulnerability_id": "VCID-k1zc-ud5s-3ug9", "summary": "JavaScript code running while transforming a document with the XSLTProcessor could lead to a use-after-free.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3028.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3028.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3028", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31578", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3028" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3028", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3028" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2356562", "reference_id": "2356562", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2356562" }, { "reference_url": "https://security.gentoo.org/glsa/202505-02", "reference_id": "GLSA-202505-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-02" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-20", "reference_id": "mfsa2025-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-20/", "reference_id": "mfsa2025-20", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-01T20:40:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-21", "reference_id": "mfsa2025-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-21/", "reference_id": "mfsa2025-21", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-01T20:40:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-22", "reference_id": "mfsa2025-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-22/", "reference_id": "mfsa2025-22", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-01T20:40:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-23", "reference_id": "mfsa2025-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-23/", "reference_id": "mfsa2025-23", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-01T20:40:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-24", "reference_id": "mfsa2025-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-24/", "reference_id": "mfsa2025-24", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-01T20:40:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3556", "reference_id": "RHSA-2025:3556", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3556" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3581", "reference_id": "RHSA-2025:3581", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3581" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3582", "reference_id": "RHSA-2025:3582", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3582" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3587", "reference_id": "RHSA-2025:3587", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3587" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3589", "reference_id": "RHSA-2025:3589", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3589" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3590", "reference_id": "RHSA-2025:3590", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3590" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3620", "reference_id": "RHSA-2025:3620", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3620" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3621", "reference_id": "RHSA-2025:3621", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3621" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3623", "reference_id": "RHSA-2025:3623", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3623" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3628", "reference_id": "RHSA-2025:3628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4026", "reference_id": "RHSA-2025:4026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4027", "reference_id": "RHSA-2025:4027", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4027" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4028", "reference_id": "RHSA-2025:4028", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4028" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4029", "reference_id": "RHSA-2025:4029", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4029" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4030", "reference_id": "RHSA-2025:4030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4031", "reference_id": "RHSA-2025:4031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4032", "reference_id": "RHSA-2025:4032", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4032" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4169", "reference_id": "RHSA-2025:4169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4170", "reference_id": "RHSA-2025:4170", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7491", "reference_id": "RHSA-2025:7491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7493", "reference_id": "RHSA-2025:7493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7493" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1941002", "reference_id": "show_bug.cgi?id=1941002", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-01T20:40:58Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1941002" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-3028" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k1zc-ud5s-3ug9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/289?format=api", "vulnerability_id": "VCID-k618-8ukj-wuc2", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4692.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4692.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4692", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09673", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4692" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4692", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4692" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450748", "reference_id": "2450748", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450748" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2017643", "reference_id": "show_bug.cgi?id=2017643", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:56Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2017643" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4692" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k618-8ukj-wuc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/328?format=api", "vulnerability_id": "VCID-km6r-axw9-c7gm", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2758.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2758.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2758", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21419", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2758" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442337", "reference_id": "2442337", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442337" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:44:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-14/", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:44:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:44:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:44:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:44:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2009608", "reference_id": "show_bug.cgi?id=2009608", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:44:21Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2009608" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2758" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-km6r-axw9-c7gm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/794?format=api", "vulnerability_id": "VCID-knq9-pjhx-7qcn", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14323.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14323.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14323", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18285", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14323" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14323", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14323" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420513", "reference_id": "2420513", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420513" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-92", "reference_id": "mfsa2025-92", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-92" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-92/", "reference_id": "mfsa2025-92", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-92/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-93", "reference_id": "mfsa2025-93", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-93" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-93/", "reference_id": "mfsa2025-93", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-93/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-94", "reference_id": "mfsa2025-94", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-94" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-94/", "reference_id": "mfsa2025-94", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-94/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-95", "reference_id": "mfsa2025-95", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-95" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-95/", "reference_id": "mfsa2025-95", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-95/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-96", "reference_id": "mfsa2025-96", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-96" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-96/", "reference_id": "mfsa2025-96", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-96/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23034", "reference_id": "RHSA-2025:23034", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23034" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23035", "reference_id": "RHSA-2025:23035", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23035" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23128", "reference_id": "RHSA-2025:23128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23856", "reference_id": "RHSA-2025:23856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0003", "reference_id": "RHSA-2026:0003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0004", "reference_id": "RHSA-2026:0004", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0005", "reference_id": "RHSA-2026:0005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0006", "reference_id": "RHSA-2026:0006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0007", "reference_id": "RHSA-2026:0007", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0007" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0013", "reference_id": "RHSA-2026:0013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0014", "reference_id": "RHSA-2026:0014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0015", "reference_id": "RHSA-2026:0015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0016", "reference_id": "RHSA-2026:0016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0017", "reference_id": "RHSA-2026:0017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0018", "reference_id": "RHSA-2026:0018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0019", "reference_id": "RHSA-2026:0019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0020", "reference_id": "RHSA-2026:0020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0021", "reference_id": "RHSA-2026:0021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0022", "reference_id": "RHSA-2026:0022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0023", "reference_id": "RHSA-2026:0023", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0023" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0024", "reference_id": "RHSA-2026:0024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0024" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0025", "reference_id": "RHSA-2026:0025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0026", "reference_id": "RHSA-2026:0026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0124", "reference_id": "RHSA-2026:0124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0127", "reference_id": "RHSA-2026:0127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0127" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1996555", "reference_id": "show_bug.cgi?id=1996555", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:12Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1996555" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-14323" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-knq9-pjhx-7qcn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/111?format=api", "vulnerability_id": "VCID-ks9t-n26j-cqg2", "summary": "Repeated writes to history interface attributes could have been used to cause a Denial of Service condition in the browser. This was addressed by introducing rate-limiting to this API.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10464.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10464.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10464", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.67312", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10464" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10464", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10464" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322424", "reference_id": "2322424", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322424" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-55/", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-56/", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-58/", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-59/", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8720", "reference_id": "RHSA-2024:8720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8721", "reference_id": "RHSA-2024:8721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8722", "reference_id": "RHSA-2024:8722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8723", "reference_id": "RHSA-2024:8723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8724", "reference_id": "RHSA-2024:8724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8725", "reference_id": "RHSA-2024:8725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8726", "reference_id": "RHSA-2024:8726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8727", "reference_id": "RHSA-2024:8727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8728", "reference_id": "RHSA-2024:8728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8729", "reference_id": "RHSA-2024:8729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8790", "reference_id": "RHSA-2024:8790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8793", "reference_id": "RHSA-2024:8793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8793" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9015", "reference_id": "RHSA-2024:9015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9016", "reference_id": "RHSA-2024:9016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9017", "reference_id": "RHSA-2024:9017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9018", "reference_id": "RHSA-2024:9018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9019", "reference_id": "RHSA-2024:9019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9552", "reference_id": "RHSA-2024:9552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9554", "reference_id": "RHSA-2024:9554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9554" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1913000", "reference_id": "show_bug.cgi?id=1913000", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1913000" }, { "reference_url": "https://usn.ubuntu.com/7086-1/", "reference_id": "USN-7086-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7086-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2024-10464" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ks9t-n26j-cqg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/797?format=api", "vulnerability_id": "VCID-ksbf-a1e1-cucg", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14328.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14328.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14328", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17971", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14328" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14328", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14328" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420508", "reference_id": "2420508", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420508" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-92", "reference_id": "mfsa2025-92", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-92" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-92/", "reference_id": "mfsa2025-92", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-92/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-94", "reference_id": "mfsa2025-94", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-94" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-94/", "reference_id": "mfsa2025-94", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-94/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-95", "reference_id": "mfsa2025-95", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-95" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-95/", "reference_id": "mfsa2025-95", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-95/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-96", "reference_id": "mfsa2025-96", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-96" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-96/", "reference_id": "mfsa2025-96", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-96/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23034", "reference_id": "RHSA-2025:23034", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23034" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23035", "reference_id": "RHSA-2025:23035", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23035" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23128", "reference_id": "RHSA-2025:23128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23856", "reference_id": "RHSA-2025:23856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0003", "reference_id": "RHSA-2026:0003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0004", "reference_id": "RHSA-2026:0004", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0005", "reference_id": "RHSA-2026:0005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0006", "reference_id": "RHSA-2026:0006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0007", "reference_id": "RHSA-2026:0007", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0007" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0013", "reference_id": "RHSA-2026:0013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0014", "reference_id": "RHSA-2026:0014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0015", "reference_id": "RHSA-2026:0015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0016", "reference_id": "RHSA-2026:0016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0017", "reference_id": "RHSA-2026:0017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0018", "reference_id": "RHSA-2026:0018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0019", "reference_id": "RHSA-2026:0019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0020", "reference_id": "RHSA-2026:0020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0021", "reference_id": "RHSA-2026:0021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0022", "reference_id": "RHSA-2026:0022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0023", "reference_id": "RHSA-2026:0023", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0023" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0024", "reference_id": "RHSA-2026:0024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0024" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0025", "reference_id": "RHSA-2026:0025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0026", "reference_id": "RHSA-2026:0026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0124", "reference_id": "RHSA-2026:0124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0127", "reference_id": "RHSA-2026:0127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0127" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1996761", "reference_id": "show_bug.cgi?id=1996761", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:17Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1996761" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-14328" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ksbf-a1e1-cucg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/741?format=api", "vulnerability_id": "VCID-kssx-csgu-3yg3", "summary": "A double-free could have occurred in `vpx_codec_enc_init_multi` after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5283.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5283.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5283", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50949", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5283" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106689", "reference_id": "1106689", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106689" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368749", "reference_id": "2368749", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368749" }, { "reference_url": "https://issues.chromium.org/issues/419467315", "reference_id": "419467315", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:25:59Z/" } ], "url": "https://issues.chromium.org/issues/419467315" }, { "reference_url": "https://security.gentoo.org/glsa/202509-07", "reference_id": "GLSA-202509-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42", "reference_id": "mfsa2025-42", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-43", "reference_id": "mfsa2025-43", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-43" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45", "reference_id": "mfsa2025-45", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8293", "reference_id": "RHSA-2025:8293", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8293" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8308", "reference_id": "RHSA-2025:8308", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8308" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8341", "reference_id": "RHSA-2025:8341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8598", "reference_id": "RHSA-2025:8598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8599", "reference_id": "RHSA-2025:8599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8607", "reference_id": "RHSA-2025:8607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8607" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8608", "reference_id": "RHSA-2025:8608", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8608" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8628", "reference_id": "RHSA-2025:8628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8629", "reference_id": "RHSA-2025:8629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8630", "reference_id": "RHSA-2025:8630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8631", "reference_id": "RHSA-2025:8631", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8642", "reference_id": "RHSA-2025:8642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8756", "reference_id": "RHSA-2025:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9071", "reference_id": "RHSA-2025:9071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9071" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9072", "reference_id": "RHSA-2025:9072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9073", "reference_id": "RHSA-2025:9073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9074", "reference_id": "RHSA-2025:9074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9075", "reference_id": "RHSA-2025:9075", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9075" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9076", "reference_id": "RHSA-2025:9076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9077", "reference_id": "RHSA-2025:9077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9118", "reference_id": "RHSA-2025:9118", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9118" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9119", "reference_id": "RHSA-2025:9119", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9120", "reference_id": "RHSA-2025:9120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9122", "reference_id": "RHSA-2025:9122", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9122" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9123", "reference_id": "RHSA-2025:9123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9124", "reference_id": "RHSA-2025:9124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9125", "reference_id": "RHSA-2025:9125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9126", "reference_id": "RHSA-2025:9126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9127", "reference_id": "RHSA-2025:9127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9128", "reference_id": "RHSA-2025:9128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9155", "reference_id": "RHSA-2025:9155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9331", "reference_id": "RHSA-2025:9331", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9331" }, { "reference_url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html", "reference_id": "stable-channel-update-for-desktop_27.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:25:59Z/" } ], "url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html" }, { "reference_url": "https://usn.ubuntu.com/7551-1/", "reference_id": "USN-7551-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7551-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-5283" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kssx-csgu-3yg3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/823?format=api", "vulnerability_id": "VCID-kxwc-x4t6-bqha", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13019.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13019.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13019", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10582", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13019" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414084", "reference_id": "2414084", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414084" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-87/", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:59:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-87/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-88/", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:59:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-88/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-90/", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:59:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-90/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-91/", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:59:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-91/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21120", "reference_id": "RHSA-2025:21120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21121", "reference_id": "RHSA-2025:21121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21280", "reference_id": "RHSA-2025:21280", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21280" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21281", "reference_id": "RHSA-2025:21281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21841", "reference_id": "RHSA-2025:21841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21842", "reference_id": "RHSA-2025:21842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21843", "reference_id": "RHSA-2025:21843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21844", "reference_id": "RHSA-2025:21844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21881", "reference_id": "RHSA-2025:21881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22363", "reference_id": "RHSA-2025:22363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22367", "reference_id": "RHSA-2025:22367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22368", "reference_id": "RHSA-2025:22368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22369", "reference_id": "RHSA-2025:22369", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22371", "reference_id": "RHSA-2025:22371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22372", "reference_id": "RHSA-2025:22372", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22372" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22373", "reference_id": "RHSA-2025:22373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22374", "reference_id": "RHSA-2025:22374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22375", "reference_id": "RHSA-2025:22375", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22375" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22449", "reference_id": "RHSA-2025:22449", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22450", "reference_id": "RHSA-2025:22450", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22451", "reference_id": "RHSA-2025:22451", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22451" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22791", "reference_id": "RHSA-2025:22791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22792", "reference_id": "RHSA-2025:22792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22882", "reference_id": "RHSA-2025:22882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22883", "reference_id": "RHSA-2025:22883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22883" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1988412", "reference_id": "show_bug.cgi?id=1988412", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:59:56Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1988412" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-13019" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kxwc-x4t6-bqha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/757?format=api", "vulnerability_id": "VCID-kzhd-pzmd-9kgz", "summary": "A web page could trick a user into setting that site as the default handler for a custom URL protocol.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1935.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1935.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1935", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45547", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1935" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1935", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1935" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2349792", "reference_id": "2349792", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2349792" }, { "reference_url": "https://security.gentoo.org/glsa/202505-02", "reference_id": "GLSA-202505-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-02" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-14", "reference_id": "mfsa2025-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-14/", "reference_id": "mfsa2025-14", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:40:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-16", "reference_id": "mfsa2025-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-16/", "reference_id": "mfsa2025-16", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:40:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-17", "reference_id": "mfsa2025-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-17/", "reference_id": "mfsa2025-17", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:40:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-17/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-18", "reference_id": "mfsa2025-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-18/", "reference_id": "mfsa2025-18", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:40:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-18/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2359", "reference_id": "RHSA-2025:2359", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2359" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2452", "reference_id": "RHSA-2025:2452", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2452" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2479", "reference_id": "RHSA-2025:2479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2480", "reference_id": "RHSA-2025:2480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2481", "reference_id": "RHSA-2025:2481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2484", "reference_id": "RHSA-2025:2484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2485", "reference_id": "RHSA-2025:2485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2486", "reference_id": "RHSA-2025:2486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2699", "reference_id": "RHSA-2025:2699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2708", "reference_id": "RHSA-2025:2708", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2708" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1866661", "reference_id": "show_bug.cgi?id=1866661", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:40:29Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1866661" }, { "reference_url": "https://usn.ubuntu.com/7334-1/", "reference_id": "USN-7334-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7334-1/" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-1935" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kzhd-pzmd-9kgz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/435?format=api", "vulnerability_id": "VCID-m8yj-u8ak-8fe7", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6748.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6748.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6748", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21552", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6748" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460103", "reference_id": "2460103", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460103" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T18:38:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-32/", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T18:38:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-32/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T18:38:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-34/", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T18:38:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-34/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10757", "reference_id": "RHSA-2026:10757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10766", "reference_id": "RHSA-2026:10766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10767", "reference_id": "RHSA-2026:10767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12285", "reference_id": "RHSA-2026:12285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13537", "reference_id": "RHSA-2026:13537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15892", "reference_id": "RHSA-2026:15892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17477", "reference_id": "RHSA-2026:17477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17687", "reference_id": "RHSA-2026:17687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17688", "reference_id": "RHSA-2026:17688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17689", "reference_id": "RHSA-2026:17689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17690", "reference_id": "RHSA-2026:17690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19041", "reference_id": "RHSA-2026:19041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19131", "reference_id": "RHSA-2026:19131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19201", "reference_id": "RHSA-2026:19201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19461", "reference_id": "RHSA-2026:19461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19462", "reference_id": "RHSA-2026:19462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19463", "reference_id": "RHSA-2026:19463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19464", "reference_id": "RHSA-2026:19464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19465", "reference_id": "RHSA-2026:19465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19466", "reference_id": "RHSA-2026:19466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19467", "reference_id": "RHSA-2026:19467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19468", "reference_id": "RHSA-2026:19468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19469", "reference_id": "RHSA-2026:19469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19542", "reference_id": "RHSA-2026:19542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19655", "reference_id": "RHSA-2026:19655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19704", "reference_id": "RHSA-2026:19704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19704" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2022604", "reference_id": "show_bug.cgi?id=2022604", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-21T18:38:50Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2022604" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-6748" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m8yj-u8ak-8fe7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/297?format=api", "vulnerability_id": "VCID-mda2-95w5-mber", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4700.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4700.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4700", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07491", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4700" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4700", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4700" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450752", "reference_id": "2450752", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450752" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2003766", "reference_id": "show_bug.cgi?id=2003766", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-26T13:02:08Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2003766" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4700" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mda2-95w5-mber" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/456?format=api", "vulnerability_id": "VCID-mgkq-skqv-mucw", "summary": "Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6785.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6785.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6785", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04456", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6785" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460104", "reference_id": "2460104", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460104" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-22T03:56:15Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-31", "reference_id": "mfsa2026-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-31" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-31/", "reference_id": "mfsa2026-31", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-22T03:56:15Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-31/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-32/", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-22T03:56:15Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-32/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-22T03:56:15Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-34/", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-22T03:56:15Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-34/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10757", "reference_id": "RHSA-2026:10757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10766", "reference_id": "RHSA-2026:10766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10767", "reference_id": "RHSA-2026:10767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12285", "reference_id": "RHSA-2026:12285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13537", "reference_id": "RHSA-2026:13537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15892", "reference_id": "RHSA-2026:15892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17477", "reference_id": "RHSA-2026:17477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17687", "reference_id": "RHSA-2026:17687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17688", "reference_id": "RHSA-2026:17688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17689", "reference_id": "RHSA-2026:17689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17690", "reference_id": "RHSA-2026:17690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19041", "reference_id": "RHSA-2026:19041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19131", "reference_id": "RHSA-2026:19131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19201", "reference_id": "RHSA-2026:19201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19461", "reference_id": "RHSA-2026:19461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19462", "reference_id": "RHSA-2026:19462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19463", "reference_id": "RHSA-2026:19463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19464", "reference_id": "RHSA-2026:19464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19465", "reference_id": "RHSA-2026:19465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19466", "reference_id": "RHSA-2026:19466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19467", "reference_id": "RHSA-2026:19467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19468", "reference_id": "RHSA-2026:19468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19469", "reference_id": "RHSA-2026:19469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19542", "reference_id": "RHSA-2026:19542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19655", "reference_id": "RHSA-2026:19655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19704", "reference_id": "RHSA-2026:19704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19704" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-6785" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mgkq-skqv-mucw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/457?format=api", "vulnerability_id": "VCID-mhsk-ne56-z7ay", "summary": "Memory safety bugs present in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6786.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6786.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6786", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04271", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6786" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460088", "reference_id": "2460088", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460088" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-22T03:56:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-32/", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-22T03:56:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-32/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-22T03:56:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-34/", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-22T03:56:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-34/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10757", "reference_id": "RHSA-2026:10757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10766", "reference_id": "RHSA-2026:10766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10767", "reference_id": "RHSA-2026:10767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12285", "reference_id": "RHSA-2026:12285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13537", "reference_id": "RHSA-2026:13537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15892", "reference_id": "RHSA-2026:15892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17477", "reference_id": "RHSA-2026:17477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17687", "reference_id": "RHSA-2026:17687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17688", "reference_id": "RHSA-2026:17688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17689", "reference_id": "RHSA-2026:17689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17690", "reference_id": "RHSA-2026:17690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19041", "reference_id": "RHSA-2026:19041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19131", "reference_id": "RHSA-2026:19131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19201", "reference_id": "RHSA-2026:19201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19461", "reference_id": "RHSA-2026:19461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19462", "reference_id": "RHSA-2026:19462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19463", "reference_id": "RHSA-2026:19463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19464", "reference_id": "RHSA-2026:19464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19465", "reference_id": "RHSA-2026:19465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19466", "reference_id": "RHSA-2026:19466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19467", "reference_id": "RHSA-2026:19467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19468", "reference_id": "RHSA-2026:19468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19469", "reference_id": "RHSA-2026:19469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19542", "reference_id": "RHSA-2026:19542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19655", "reference_id": "RHSA-2026:19655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19704", "reference_id": "RHSA-2026:19704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19704" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-6786" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mhsk-ne56-z7ay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/332?format=api", "vulnerability_id": "VCID-mub8-ugwz-s7et", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2762.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2762.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2762", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.07088", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2762" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442308", "reference_id": "2442308", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442308" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:24:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:24:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:24:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:24:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2011649", "reference_id": "show_bug.cgi?id=2011649", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:24:03Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2011649" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2762" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mub8-ugwz-s7et" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/796?format=api", "vulnerability_id": "VCID-mw84-a5x5-4qb6", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14325.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14325.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14325", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.2782", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14325" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14325", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14325" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420504", "reference_id": "2420504", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420504" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-92", "reference_id": "mfsa2025-92", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-92" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-92/", "reference_id": "mfsa2025-92", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-09T17:04:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-92/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-94", "reference_id": "mfsa2025-94", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-94" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-94/", "reference_id": "mfsa2025-94", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-09T17:04:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-94/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-95", "reference_id": "mfsa2025-95", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-95" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-95/", "reference_id": "mfsa2025-95", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-09T17:04:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-95/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-96", "reference_id": "mfsa2025-96", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-96" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-96/", "reference_id": "mfsa2025-96", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-09T17:04:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-96/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23034", "reference_id": "RHSA-2025:23034", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23034" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23035", "reference_id": "RHSA-2025:23035", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23035" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23128", "reference_id": "RHSA-2025:23128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23856", "reference_id": "RHSA-2025:23856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0003", "reference_id": "RHSA-2026:0003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0004", "reference_id": "RHSA-2026:0004", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0005", "reference_id": "RHSA-2026:0005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0006", "reference_id": "RHSA-2026:0006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0007", "reference_id": "RHSA-2026:0007", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0007" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0013", "reference_id": "RHSA-2026:0013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0014", "reference_id": "RHSA-2026:0014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0015", "reference_id": "RHSA-2026:0015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0016", "reference_id": "RHSA-2026:0016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0017", "reference_id": "RHSA-2026:0017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0018", "reference_id": "RHSA-2026:0018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0019", "reference_id": "RHSA-2026:0019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0020", "reference_id": "RHSA-2026:0020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0021", "reference_id": "RHSA-2026:0021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0022", "reference_id": "RHSA-2026:0022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0023", "reference_id": "RHSA-2026:0023", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0023" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0024", "reference_id": "RHSA-2026:0024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0024" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0025", "reference_id": "RHSA-2026:0025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0026", "reference_id": "RHSA-2026:0026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0124", "reference_id": "RHSA-2026:0124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0127", "reference_id": "RHSA-2026:0127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0127" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1998050", "reference_id": "show_bug.cgi?id=1998050", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-09T17:04:03Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1998050" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-14325" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mw84-a5x5-4qb6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/366?format=api", "vulnerability_id": "VCID-n2mh-6a9s-n3a4", "summary": "Memory safety bugs present in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8092.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8092.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8092", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06491", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8092" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8092", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8092" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467708", "reference_id": "2467708", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467708" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1806249%2C2021977%2C2022576%2C2022722%2C2024439%2C2027883%2C2029463%2C2030323%2C2032042%2C2032043%2C2033270%2C2033637%2C2034422%2C2034496%2C2035879%2C2036516", "reference_id": "buglist.cgi?bug_id=1806249%2C2021977%2C2022576%2C2022722%2C2024439%2C2027883%2C2029463%2C2030323%2C2032042%2C2032043%2C2033270%2C2033637%2C2034422%2C2034496%2C2035879%2C2036516", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-08T03:55:45Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1806249%2C2021977%2C2022576%2C2022722%2C2024439%2C2027883%2C2029463%2C2030323%2C2032042%2C2032043%2C2033270%2C2033637%2C2034422%2C2034496%2C2035879%2C2036516" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-40", "reference_id": "mfsa2026-40", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-40" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-40/", "reference_id": "mfsa2026-40", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-08T03:55:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-40/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-41", "reference_id": "mfsa2026-41", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-41" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-41/", "reference_id": "mfsa2026-41", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-08T03:55:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-41/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-42", "reference_id": "mfsa2026-42", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-42" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-42/", "reference_id": "mfsa2026-42", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-08T03:55:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-42/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-43", "reference_id": "mfsa2026-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-43" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-43/", "reference_id": "mfsa2026-43", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-08T03:55:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-43/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-44", "reference_id": "mfsa2026-44", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-44/", "reference_id": "mfsa2026-44", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-08T03:55:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-44/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19160", "reference_id": "RHSA-2026:19160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:20566", "reference_id": "RHSA-2026:20566", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:20566" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:20574", "reference_id": "RHSA-2026:20574", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:20574" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-8092" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n2mh-6a9s-n3a4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/779?format=api", "vulnerability_id": "VCID-nca6-dfj3-1fa6", "summary": "Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 115.18, Firefox ESR 128.5, Thunderbird 115.18, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0242.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0242.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0242", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02414", "scoring_system": "epss", "scoring_elements": "0.85411", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0242" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0242", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0242" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336181", "reference_id": "2336181", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336181" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1874523%2C1926454%2C1931873%2C1932169", "reference_id": "buglist.cgi?bug_id=1874523%2C1926454%2C1931873%2C1932169", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1874523%2C1926454%2C1931873%2C1932169" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-02/", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-03", "reference_id": "mfsa2025-03", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-03/", "reference_id": "mfsa2025-03", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-03/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-04/", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-05/", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0080", "reference_id": "RHSA-2025:0080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0132", "reference_id": "RHSA-2025:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0133", "reference_id": "RHSA-2025:0133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0134", "reference_id": "RHSA-2025:0134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0135", "reference_id": "RHSA-2025:0135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0136", "reference_id": "RHSA-2025:0136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0137", "reference_id": "RHSA-2025:0137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0138", "reference_id": "RHSA-2025:0138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0144", "reference_id": "RHSA-2025:0144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0147", "reference_id": "RHSA-2025:0147", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0147" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0162", "reference_id": "RHSA-2025:0162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0165", "reference_id": "RHSA-2025:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0166", "reference_id": "RHSA-2025:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0167", "reference_id": "RHSA-2025:0167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0275", "reference_id": "RHSA-2025:0275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0281", "reference_id": "RHSA-2025:0281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0284", "reference_id": "RHSA-2025:0284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0286", "reference_id": "RHSA-2025:0286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0287", "reference_id": "RHSA-2025:0287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0287" }, { "reference_url": "https://usn.ubuntu.com/7191-1/", "reference_id": "USN-7191-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7191-1/" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-0242" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nca6-dfj3-1fa6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/285?format=api", "vulnerability_id": "VCID-nfdb-d7u5-afda", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4688.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4688.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4688", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07552", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4688" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4688", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4688" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450713", "reference_id": "2450713", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450713" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016373", "reference_id": "show_bug.cgi?id=2016373", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:59Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016373" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4688" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nfdb-d7u5-afda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/780?format=api", "vulnerability_id": "VCID-nmb9-5mgu-dqhe", "summary": "Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 128.5, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0243.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0243.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0243", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12568", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0243" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0243", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0243" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336175", "reference_id": "2336175", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336175" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1827142%2C1932783", "reference_id": "buglist.cgi?bug_id=1827142%2C1932783", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1827142%2C1932783" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-02/", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-04/", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-05/", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0080", "reference_id": "RHSA-2025:0080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0132", "reference_id": "RHSA-2025:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0133", "reference_id": "RHSA-2025:0133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0134", "reference_id": "RHSA-2025:0134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0135", "reference_id": "RHSA-2025:0135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0136", "reference_id": "RHSA-2025:0136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0137", "reference_id": "RHSA-2025:0137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0138", "reference_id": "RHSA-2025:0138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0144", "reference_id": "RHSA-2025:0144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0147", "reference_id": "RHSA-2025:0147", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0147" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0162", "reference_id": "RHSA-2025:0162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0165", "reference_id": "RHSA-2025:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0166", "reference_id": "RHSA-2025:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0167", "reference_id": "RHSA-2025:0167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0275", "reference_id": "RHSA-2025:0275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0281", "reference_id": "RHSA-2025:0281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0284", "reference_id": "RHSA-2025:0284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0286", "reference_id": "RHSA-2025:0286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0287", "reference_id": "RHSA-2025:0287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0287" }, { "reference_url": "https://usn.ubuntu.com/7191-1/", "reference_id": "USN-7191-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7191-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-0243" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nmb9-5mgu-dqhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/406?format=api", "vulnerability_id": "VCID-nyfk-bz4w-akce", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0883.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0883.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0883", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04176", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0883" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0883", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0883" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428968", "reference_id": "2428968", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428968" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-01", "reference_id": "mfsa2026-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-01/", "reference_id": "mfsa2026-01", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:46:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-03", "reference_id": "mfsa2026-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-03/", "reference_id": "mfsa2026-03", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:46:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-03/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-04", "reference_id": "mfsa2026-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-04/", "reference_id": "mfsa2026-04", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:46:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-05", "reference_id": "mfsa2026-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-05/", "reference_id": "mfsa2026-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:46:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0667", "reference_id": "RHSA-2026:0667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0694", "reference_id": "RHSA-2026:0694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0924", "reference_id": "RHSA-2026:0924", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0924" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1320", "reference_id": "RHSA-2026:1320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1413", "reference_id": "RHSA-2026:1413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1413" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1414", "reference_id": "RHSA-2026:1414", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1415", "reference_id": "RHSA-2026:1415", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1415" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1461", "reference_id": "RHSA-2026:1461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1462", "reference_id": "RHSA-2026:1462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1471", "reference_id": "RHSA-2026:1471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1487", "reference_id": "RHSA-2026:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2041", "reference_id": "RHSA-2026:2041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2043", "reference_id": "RHSA-2026:2043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2043" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2044", "reference_id": "RHSA-2026:2044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2047", "reference_id": "RHSA-2026:2047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2069", "reference_id": "RHSA-2026:2069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2070", "reference_id": "RHSA-2026:2070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2073", "reference_id": "RHSA-2026:2073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2074", "reference_id": "RHSA-2026:2074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2220", "reference_id": "RHSA-2026:2220", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2220" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2231", "reference_id": "RHSA-2026:2231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2271", "reference_id": "RHSA-2026:2271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2286", "reference_id": "RHSA-2026:2286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2286" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1989340", "reference_id": "show_bug.cgi?id=1989340", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:46:59Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1989340" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-0883" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nyfk-bz4w-akce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/105?format=api", "vulnerability_id": "VCID-p88y-3xt6-afan", "summary": "An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10459.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10459.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10459", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.72662", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10459" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10459", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10459" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322429", "reference_id": "2322429", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322429" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-55/", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-56/", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-57", "reference_id": "mfsa2024-57", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-57" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-57/", "reference_id": "mfsa2024-57", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-57/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-58/", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-59/", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8720", "reference_id": "RHSA-2024:8720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8721", "reference_id": "RHSA-2024:8721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8722", "reference_id": "RHSA-2024:8722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8723", "reference_id": "RHSA-2024:8723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8724", "reference_id": "RHSA-2024:8724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8725", "reference_id": "RHSA-2024:8725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8726", "reference_id": "RHSA-2024:8726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8727", "reference_id": "RHSA-2024:8727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8728", "reference_id": "RHSA-2024:8728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8729", "reference_id": "RHSA-2024:8729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8790", "reference_id": "RHSA-2024:8790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8793", "reference_id": "RHSA-2024:8793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8793" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9015", "reference_id": "RHSA-2024:9015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9016", "reference_id": "RHSA-2024:9016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9017", "reference_id": "RHSA-2024:9017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9018", "reference_id": "RHSA-2024:9018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9019", "reference_id": "RHSA-2024:9019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9552", "reference_id": "RHSA-2024:9552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9554", "reference_id": "RHSA-2024:9554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9554" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1919087", "reference_id": "show_bug.cgi?id=1919087", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1919087" }, { "reference_url": "https://usn.ubuntu.com/7086-1/", "reference_id": "USN-7086-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7086-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2024-10459" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p88y-3xt6-afan" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/700?format=api", "vulnerability_id": "VCID-pah8-n6cz-c7b9", "summary": "Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1016.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1016.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1016", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.548", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1016" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1016", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1016" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343752", "reference_id": "2343752", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343752" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1936601%2C1936844%2C1937694%2C1938469%2C1939583%2C1940994", "reference_id": "buglist.cgi?bug_id=1936601%2C1936844%2C1937694%2C1938469%2C1939583%2C1940994", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:03:18Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1936601%2C1936844%2C1937694%2C1938469%2C1939583%2C1940994" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-07", "reference_id": "mfsa2025-07", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-07/", "reference_id": "mfsa2025-07", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:03:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-07/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-08", "reference_id": "mfsa2025-08", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-08" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-08/", "reference_id": "mfsa2025-08", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:03:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-08/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-09", "reference_id": "mfsa2025-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-09/", "reference_id": "mfsa2025-09", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:03:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-09/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-10", "reference_id": "mfsa2025-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-10/", "reference_id": "mfsa2025-10", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:03:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-10/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-11", "reference_id": "mfsa2025-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-11/", "reference_id": "mfsa2025-11", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:03:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-11/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1066", "reference_id": "RHSA-2025:1066", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1066" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1132", "reference_id": "RHSA-2025:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1133", "reference_id": "RHSA-2025:1133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1135", "reference_id": "RHSA-2025:1135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1136", "reference_id": "RHSA-2025:1136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1137", "reference_id": "RHSA-2025:1137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1138", "reference_id": "RHSA-2025:1138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1139", "reference_id": "RHSA-2025:1139", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1139" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1140", "reference_id": "RHSA-2025:1140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1184", "reference_id": "RHSA-2025:1184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1283", "reference_id": "RHSA-2025:1283", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1283" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1292", "reference_id": "RHSA-2025:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1317", "reference_id": "RHSA-2025:1317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1318", "reference_id": "RHSA-2025:1318", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1318" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1319", "reference_id": "RHSA-2025:1319", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1319" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1339", "reference_id": "RHSA-2025:1339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1340", "reference_id": "RHSA-2025:1340", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1340" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1341", "reference_id": "RHSA-2025:1341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1348", "reference_id": "RHSA-2025:1348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1348" }, { "reference_url": "https://usn.ubuntu.com/7263-1/", "reference_id": "USN-7263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7263-1/" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-1016" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pah8-n6cz-c7b9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/283?format=api", "vulnerability_id": "VCID-pqwt-yndd-47fb", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4686.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4686.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4686", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.0805", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4686", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4686" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450734", "reference_id": "2450734", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450734" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016351", "reference_id": "show_bug.cgi?id=2016351", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-26T12:44:29Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016351" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4686" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pqwt-yndd-47fb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/825?format=api", "vulnerability_id": "VCID-prm8-r4q1-zber", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13020.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13020.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13020", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17971", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13020" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13020", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13020" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414085", "reference_id": "2414085", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414085" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-87/", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:56:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-87/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-88/", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:56:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-88/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-90/", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:56:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-90/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-91/", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:56:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-91/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21120", "reference_id": "RHSA-2025:21120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21121", "reference_id": "RHSA-2025:21121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21280", "reference_id": "RHSA-2025:21280", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21280" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21281", "reference_id": "RHSA-2025:21281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21841", "reference_id": "RHSA-2025:21841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21842", "reference_id": "RHSA-2025:21842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21843", "reference_id": "RHSA-2025:21843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21844", "reference_id": "RHSA-2025:21844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21881", "reference_id": "RHSA-2025:21881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22363", "reference_id": "RHSA-2025:22363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22367", "reference_id": "RHSA-2025:22367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22368", "reference_id": "RHSA-2025:22368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22369", "reference_id": "RHSA-2025:22369", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22371", "reference_id": "RHSA-2025:22371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22372", "reference_id": "RHSA-2025:22372", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22372" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22373", "reference_id": "RHSA-2025:22373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22374", "reference_id": "RHSA-2025:22374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22375", "reference_id": "RHSA-2025:22375", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22375" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22449", "reference_id": "RHSA-2025:22449", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22450", "reference_id": "RHSA-2025:22450", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22451", "reference_id": "RHSA-2025:22451", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22451" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22791", "reference_id": "RHSA-2025:22791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22792", "reference_id": "RHSA-2025:22792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22882", "reference_id": "RHSA-2025:22882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22883", "reference_id": "RHSA-2025:22883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22883" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1995686", "reference_id": "show_bug.cgi?id=1995686", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:56:55Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1995686" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-13020" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-prm8-r4q1-zber" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/26?format=api", "vulnerability_id": "VCID-ptff-qrsj-1yew", "summary": "Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9401.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9401.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9401", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.37768", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9401" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315950", "reference_id": "2315950", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315950" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1916476", "reference_id": "buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1916476", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1916476" }, { "reference_url": "https://security.gentoo.org/glsa/202412-04", "reference_id": "GLSA-202412-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-04" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-46", "reference_id": "mfsa2024-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-46/", "reference_id": "mfsa2024-46", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-47", "reference_id": "mfsa2024-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-47" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-47/", "reference_id": "mfsa2024-47", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-47/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-48", "reference_id": "mfsa2024-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-48" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-48/", "reference_id": "mfsa2024-48", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-48/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-49", "reference_id": "mfsa2024-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-49" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-49/", "reference_id": "mfsa2024-49", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-49/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-50", "reference_id": "mfsa2024-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-50" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-50/", "reference_id": "mfsa2024-50", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:07:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-50/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7505", "reference_id": "RHSA-2024:7505", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7505" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7552", "reference_id": "RHSA-2024:7552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7621", "reference_id": "RHSA-2024:7621", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7621" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7622", "reference_id": "RHSA-2024:7622", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7646", "reference_id": "RHSA-2024:7646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7699", "reference_id": "RHSA-2024:7699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7700", "reference_id": "RHSA-2024:7700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7702", "reference_id": "RHSA-2024:7702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7703", "reference_id": "RHSA-2024:7703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7704", "reference_id": "RHSA-2024:7704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7842", "reference_id": "RHSA-2024:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7853", "reference_id": "RHSA-2024:7853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7854", "reference_id": "RHSA-2024:7854", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7854" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7855", "reference_id": "RHSA-2024:7855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7856", "reference_id": "RHSA-2024:7856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8166", "reference_id": "RHSA-2024:8166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8169", "reference_id": "RHSA-2024:8169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8169" }, { "reference_url": "https://usn.ubuntu.com/7056-1/", "reference_id": "USN-7056-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7056-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2024-9401" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ptff-qrsj-1yew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/748?format=api", "vulnerability_id": "VCID-px5p-xdma-c7da", "summary": "A clickjacking vulnerability could have been used to trick a user into leaking saved payment card details to a malicious page.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5267.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5267.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5267", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00352", "scoring_system": "epss", "scoring_elements": "0.57922", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5267" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5267", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5267" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368750", "reference_id": "2368750", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368750" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42", "reference_id": "mfsa2025-42", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-42/", "reference_id": "mfsa2025-42", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T17:44:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-42/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-44/", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T17:44:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-44/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45", "reference_id": "mfsa2025-45", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-45/", "reference_id": "mfsa2025-45", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T17:44:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-45/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-46/", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T17:44:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-46/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8293", "reference_id": "RHSA-2025:8293", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8293" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8308", "reference_id": "RHSA-2025:8308", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8308" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8341", "reference_id": "RHSA-2025:8341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8598", "reference_id": "RHSA-2025:8598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8599", "reference_id": "RHSA-2025:8599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8607", "reference_id": "RHSA-2025:8607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8607" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8608", "reference_id": "RHSA-2025:8608", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8608" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8628", "reference_id": "RHSA-2025:8628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8629", "reference_id": "RHSA-2025:8629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8630", "reference_id": "RHSA-2025:8630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8631", "reference_id": "RHSA-2025:8631", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8642", "reference_id": "RHSA-2025:8642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8756", "reference_id": "RHSA-2025:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9071", "reference_id": "RHSA-2025:9071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9071" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9072", "reference_id": "RHSA-2025:9072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9073", "reference_id": "RHSA-2025:9073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9074", "reference_id": "RHSA-2025:9074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9075", "reference_id": "RHSA-2025:9075", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9075" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9076", "reference_id": "RHSA-2025:9076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9077", "reference_id": "RHSA-2025:9077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9155", "reference_id": "RHSA-2025:9155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9155" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1954137", "reference_id": "show_bug.cgi?id=1954137", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T17:44:29Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1954137" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-5267" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-px5p-xdma-c7da" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/407?format=api", "vulnerability_id": "VCID-q5ez-a8hu-17hc", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0884.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0884.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0884", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09134", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0884" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0884", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0884" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428967", "reference_id": "2428967", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428967" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-01", "reference_id": "mfsa2026-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-01/", "reference_id": "mfsa2026-01", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T15:35:44Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-03", "reference_id": "mfsa2026-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-03/", "reference_id": "mfsa2026-03", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T15:35:44Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-03/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-04", "reference_id": "mfsa2026-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-04/", "reference_id": "mfsa2026-04", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T15:35:44Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-05", "reference_id": "mfsa2026-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-05/", "reference_id": "mfsa2026-05", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T15:35:44Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0667", "reference_id": "RHSA-2026:0667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0694", "reference_id": "RHSA-2026:0694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0924", "reference_id": "RHSA-2026:0924", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0924" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1320", "reference_id": "RHSA-2026:1320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1413", "reference_id": "RHSA-2026:1413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1413" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1414", "reference_id": "RHSA-2026:1414", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1415", "reference_id": "RHSA-2026:1415", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1415" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1461", "reference_id": "RHSA-2026:1461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1462", "reference_id": "RHSA-2026:1462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1471", "reference_id": "RHSA-2026:1471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1487", "reference_id": "RHSA-2026:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2041", "reference_id": "RHSA-2026:2041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2043", "reference_id": "RHSA-2026:2043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2043" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2044", "reference_id": "RHSA-2026:2044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2047", "reference_id": "RHSA-2026:2047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2069", "reference_id": "RHSA-2026:2069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2070", "reference_id": "RHSA-2026:2070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2073", "reference_id": "RHSA-2026:2073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2074", "reference_id": "RHSA-2026:2074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2220", "reference_id": "RHSA-2026:2220", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2220" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2231", "reference_id": "RHSA-2026:2231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2271", "reference_id": "RHSA-2026:2271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2286", "reference_id": "RHSA-2026:2286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2286" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2003588", "reference_id": "show_bug.cgi?id=2003588", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-13T15:35:44Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2003588" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-0884" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q5ez-a8hu-17hc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/767?format=api", "vulnerability_id": "VCID-qaeb-t2y3-v3ce", "summary": "Thunderbird executed javascript: URLs when used in object and embed tags.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8029.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8029.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8029", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00277", "scoring_system": "epss", "scoring_elements": "0.51339", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8029" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8029", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8029" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2382720", "reference_id": "2382720", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2382720" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-56", "reference_id": "mfsa2025-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-56/", "reference_id": "mfsa2025-56", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:29:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-56/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-58", "reference_id": "mfsa2025-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-58" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-58/", "reference_id": "mfsa2025-58", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:29:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-58/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-59", "reference_id": "mfsa2025-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-59/", "reference_id": "mfsa2025-59", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:29:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-59/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-61", "reference_id": "mfsa2025-61", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-61" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-61/", "reference_id": "mfsa2025-61", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:29:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-61/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-62", "reference_id": "mfsa2025-62", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-62" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-62/", "reference_id": "mfsa2025-62", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:29:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-62/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-63", "reference_id": "mfsa2025-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-63/", "reference_id": "mfsa2025-63", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:29:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-63/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11747", "reference_id": "RHSA-2025:11747", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11747" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11748", "reference_id": "RHSA-2025:11748", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11748" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11797", "reference_id": "RHSA-2025:11797", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11797" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12044", "reference_id": "RHSA-2025:12044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12045", "reference_id": "RHSA-2025:12045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12046", "reference_id": "RHSA-2025:12046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12187", "reference_id": "RHSA-2025:12187", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12187" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12188", "reference_id": "RHSA-2025:12188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12278", "reference_id": "RHSA-2025:12278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12302", "reference_id": "RHSA-2025:12302", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12302" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12353", "reference_id": "RHSA-2025:12353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12360", "reference_id": "RHSA-2025:12360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12361", "reference_id": "RHSA-2025:12361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13645", "reference_id": "RHSA-2025:13645", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13645" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13646", "reference_id": "RHSA-2025:13646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13647", "reference_id": "RHSA-2025:13647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13648", "reference_id": "RHSA-2025:13648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13649", "reference_id": "RHSA-2025:13649", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13649" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13650", "reference_id": "RHSA-2025:13650", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13650" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13651", "reference_id": "RHSA-2025:13651", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13651" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13676", "reference_id": "RHSA-2025:13676", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13676" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1928021", "reference_id": "show_bug.cgi?id=1928021", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T14:29:37Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1928021" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-8029" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qaeb-t2y3-v3ce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/845?format=api", "vulnerability_id": "VCID-qknk-w6fq-7ybb", "summary": "Use-after-free in MediaTrackGraphImpl::GetInstance()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11708.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11708.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11708", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25633", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11708" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403769", "reference_id": "2403769", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403769" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-81/", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-81/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-83/", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-83/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-84/", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-84/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-85/", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-85/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18154", "reference_id": "RHSA-2025:18154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18155", "reference_id": "RHSA-2025:18155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18285", "reference_id": "RHSA-2025:18285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18320", "reference_id": "RHSA-2025:18320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18321", "reference_id": "RHSA-2025:18321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18983", "reference_id": "RHSA-2025:18983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19278", "reference_id": "RHSA-2025:19278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19938", "reference_id": "RHSA-2025:19938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19939", "reference_id": "RHSA-2025:19939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19941", "reference_id": "RHSA-2025:19941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19942", "reference_id": "RHSA-2025:19942", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19942" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19943", "reference_id": "RHSA-2025:19943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19944", "reference_id": "RHSA-2025:19944", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19944" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19945", "reference_id": "RHSA-2025:19945", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19945" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21054", "reference_id": "RHSA-2025:21054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21055", "reference_id": "RHSA-2025:21055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21056", "reference_id": "RHSA-2025:21056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21056" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21057", "reference_id": "RHSA-2025:21057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21058", "reference_id": "RHSA-2025:21058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21059", "reference_id": "RHSA-2025:21059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21064", "reference_id": "RHSA-2025:21064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21064" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1988931", "reference_id": "show_bug.cgi?id=1988931", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:05Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1988931" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-11708" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qknk-w6fq-7ybb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/726?format=api", "vulnerability_id": "VCID-qs65-ts7s-zkb1", "summary": "An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4918.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4918.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4918", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00994", "scoring_system": "epss", "scoring_elements": "0.77299", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4918" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367016", "reference_id": "2367016", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367016" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-36", "reference_id": "mfsa2025-36", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-36" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-36/", "reference_id": "mfsa2025-36", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T03:55:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-36/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-37", "reference_id": "mfsa2025-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-37" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-37/", "reference_id": "mfsa2025-37", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T03:55:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-37/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-38", "reference_id": "mfsa2025-38", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-38" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-38/", "reference_id": "mfsa2025-38", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T03:55:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-38/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-40", "reference_id": "mfsa2025-40", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-40" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-40/", "reference_id": "mfsa2025-40", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T03:55:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-40/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-41", "reference_id": "mfsa2025-41", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-41" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-41/", "reference_id": "mfsa2025-41", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T03:55:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-41/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8049", "reference_id": "RHSA-2025:8049", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8049" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8060", "reference_id": "RHSA-2025:8060", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8060" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8125", "reference_id": "RHSA-2025:8125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8369", "reference_id": "RHSA-2025:8369", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8370", "reference_id": "RHSA-2025:8370", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8370" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8371", "reference_id": "RHSA-2025:8371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8465", "reference_id": "RHSA-2025:8465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8598", "reference_id": "RHSA-2025:8598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8599", "reference_id": "RHSA-2025:8599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8607", "reference_id": "RHSA-2025:8607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8607" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8608", "reference_id": "RHSA-2025:8608", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8608" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8628", "reference_id": "RHSA-2025:8628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8629", "reference_id": "RHSA-2025:8629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8630", "reference_id": "RHSA-2025:8630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8631", "reference_id": "RHSA-2025:8631", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8639", "reference_id": "RHSA-2025:8639", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8639" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8640", "reference_id": "RHSA-2025:8640", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8640" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8642", "reference_id": "RHSA-2025:8642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8645", "reference_id": "RHSA-2025:8645", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8645" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8756", "reference_id": "RHSA-2025:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8807", "reference_id": "RHSA-2025:8807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8807" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1966612", "reference_id": "show_bug.cgi?id=1966612", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T03:55:17Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1966612" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-4918" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qs65-ts7s-zkb1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/722?format=api", "vulnerability_id": "VCID-qxnq-dd84-xuf7", "summary": "Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1017.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1017.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1017", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00308", "scoring_system": "epss", "scoring_elements": "0.54343", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1017" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343748", "reference_id": "2343748", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343748" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1926256%2C1935984%2C1935471", "reference_id": "buglist.cgi?bug_id=1926256%2C1935984%2C1935471", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:05:18Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1926256%2C1935984%2C1935471" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-07", "reference_id": "mfsa2025-07", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-07/", "reference_id": "mfsa2025-07", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:05:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-07/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-09", "reference_id": "mfsa2025-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-09/", "reference_id": "mfsa2025-09", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:05:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-09/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-10", "reference_id": "mfsa2025-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-10/", "reference_id": "mfsa2025-10", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:05:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-10/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-11", "reference_id": "mfsa2025-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-11/", "reference_id": "mfsa2025-11", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:05:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-11/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1066", "reference_id": "RHSA-2025:1066", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1066" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1132", "reference_id": "RHSA-2025:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1133", "reference_id": "RHSA-2025:1133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1135", "reference_id": "RHSA-2025:1135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1136", "reference_id": "RHSA-2025:1136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1137", "reference_id": "RHSA-2025:1137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1138", "reference_id": "RHSA-2025:1138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1139", "reference_id": "RHSA-2025:1139", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1139" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1140", "reference_id": "RHSA-2025:1140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1184", "reference_id": "RHSA-2025:1184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1283", "reference_id": "RHSA-2025:1283", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1283" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1292", "reference_id": "RHSA-2025:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1317", "reference_id": "RHSA-2025:1317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1318", "reference_id": "RHSA-2025:1318", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1318" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1319", "reference_id": "RHSA-2025:1319", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1319" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1339", "reference_id": "RHSA-2025:1339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1340", "reference_id": "RHSA-2025:1340", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1340" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1341", "reference_id": "RHSA-2025:1341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1348", "reference_id": "RHSA-2025:1348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1348" }, { "reference_url": "https://usn.ubuntu.com/7263-1/", "reference_id": "USN-7263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7263-1/" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-1017" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qxnq-dd84-xuf7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114?format=api", "vulnerability_id": "VCID-qz54-4jzp-4yam", "summary": "Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10467.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10467.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10467", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00533", "scoring_system": "epss", "scoring_elements": "0.67715", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10467" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10467", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10467" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322433", "reference_id": "2322433", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322433" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1829029%2C1888538%2C1900394%2C1904059%2C1917742%2C1919809%2C1923706", "reference_id": "buglist.cgi?bug_id=1829029%2C1888538%2C1900394%2C1904059%2C1917742%2C1919809%2C1923706", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1829029%2C1888538%2C1900394%2C1904059%2C1917742%2C1919809%2C1923706" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-55/", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-56/", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-58/", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-59/", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8720", "reference_id": "RHSA-2024:8720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8721", "reference_id": "RHSA-2024:8721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8722", "reference_id": "RHSA-2024:8722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8723", "reference_id": "RHSA-2024:8723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8724", "reference_id": "RHSA-2024:8724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8725", "reference_id": "RHSA-2024:8725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8726", "reference_id": "RHSA-2024:8726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8727", "reference_id": "RHSA-2024:8727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8728", "reference_id": "RHSA-2024:8728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8729", "reference_id": "RHSA-2024:8729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8790", "reference_id": "RHSA-2024:8790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8793", "reference_id": "RHSA-2024:8793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8793" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9015", "reference_id": "RHSA-2024:9015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9016", "reference_id": "RHSA-2024:9016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9017", "reference_id": "RHSA-2024:9017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9018", "reference_id": "RHSA-2024:9018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9019", "reference_id": "RHSA-2024:9019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9552", "reference_id": "RHSA-2024:9552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9554", "reference_id": "RHSA-2024:9554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9554" }, { "reference_url": "https://usn.ubuntu.com/7086-1/", "reference_id": "USN-7086-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7086-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2024-10467" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qz54-4jzp-4yam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/773?format=api", "vulnerability_id": "VCID-qzbt-quzy-kkez", "summary": "Memory safety bugs present in Firefox ESR 128.12, Thunderbird ESR 128.12, Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8035.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8035.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8035", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00405", "scoring_system": "epss", "scoring_elements": "0.61403", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8035" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2382703", "reference_id": "2382703", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2382703" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-56", "reference_id": "mfsa2025-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-56/", "reference_id": "mfsa2025-56", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-56/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-58", "reference_id": "mfsa2025-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-58" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-58/", "reference_id": "mfsa2025-58", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-58/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-59", "reference_id": "mfsa2025-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-59/", "reference_id": "mfsa2025-59", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-59/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-61", "reference_id": "mfsa2025-61", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-61" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-61/", "reference_id": "mfsa2025-61", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-61/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-62", "reference_id": "mfsa2025-62", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-62" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-62/", "reference_id": "mfsa2025-62", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-62/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-63", "reference_id": "mfsa2025-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-63/", "reference_id": "mfsa2025-63", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-63/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11747", "reference_id": "RHSA-2025:11747", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11747" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11748", "reference_id": "RHSA-2025:11748", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11748" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11797", "reference_id": "RHSA-2025:11797", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11797" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12044", "reference_id": "RHSA-2025:12044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12045", "reference_id": "RHSA-2025:12045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12046", "reference_id": "RHSA-2025:12046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12187", "reference_id": "RHSA-2025:12187", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12187" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12188", "reference_id": "RHSA-2025:12188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12278", "reference_id": "RHSA-2025:12278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12302", "reference_id": "RHSA-2025:12302", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12302" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12353", "reference_id": "RHSA-2025:12353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12360", "reference_id": "RHSA-2025:12360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12361", "reference_id": "RHSA-2025:12361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13645", "reference_id": "RHSA-2025:13645", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13645" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13646", "reference_id": "RHSA-2025:13646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13647", "reference_id": "RHSA-2025:13647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13648", "reference_id": "RHSA-2025:13648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13649", "reference_id": "RHSA-2025:13649", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13649" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13650", "reference_id": "RHSA-2025:13650", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13650" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13651", "reference_id": "RHSA-2025:13651", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13651" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13676", "reference_id": "RHSA-2025:13676", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13676" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1975961", "reference_id": "show_bug.cgi?id=1975961", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:33Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1975961" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-8035" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qzbt-quzy-kkez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81?format=api", "vulnerability_id": "VCID-r67t-hasn-nqda", "summary": "When handling keypress events, an attacker may have been able to trick a user into bypassing the \"Open Executable File?\" confirmation dialog. This could have led to malicious code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11697.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11697.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11697", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25685", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11697" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11697", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11697" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328950", "reference_id": "2328950", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328950" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-63/", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:26:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-63/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-64/", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:26:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-64/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-67/", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:26:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-67/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-68/", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:26:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-68/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10591", "reference_id": "RHSA-2024:10591", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10591" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10592", "reference_id": "RHSA-2024:10592", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10592" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10667", "reference_id": "RHSA-2024:10667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10702", "reference_id": "RHSA-2024:10702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10703", "reference_id": "RHSA-2024:10703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10704", "reference_id": "RHSA-2024:10704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10710", "reference_id": "RHSA-2024:10710", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10710" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10733", "reference_id": "RHSA-2024:10733", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10733" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10734", "reference_id": "RHSA-2024:10734", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10734" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10742", "reference_id": "RHSA-2024:10742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10743", "reference_id": "RHSA-2024:10743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10745", "reference_id": "RHSA-2024:10745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10748", "reference_id": "RHSA-2024:10748", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10748" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10752", "reference_id": "RHSA-2024:10752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10844", "reference_id": "RHSA-2024:10844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10848", "reference_id": "RHSA-2024:10848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10849", "reference_id": "RHSA-2024:10849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10880", "reference_id": "RHSA-2024:10880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10881", "reference_id": "RHSA-2024:10881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18479", "reference_id": "RHSA-2026:18479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18479" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1842187", "reference_id": "show_bug.cgi?id=1842187", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:26:51Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1842187" }, { "reference_url": "https://usn.ubuntu.com/7134-1/", "reference_id": "USN-7134-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7134-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2024-11697" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r67t-hasn-nqda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/751?format=api", "vulnerability_id": "VCID-r8k6-4mbk-v3cx", "summary": "In resizeToAtLeast of SkRegion.cpp, there was a possible out of bounds write due to an integer overflow", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43097", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00912", "scoring_system": "epss", "scoring_elements": "0.76268", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43097" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43097", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43097" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://source.android.com/security/bulletin/2024-12-01", "reference_id": "2024-12-01", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:56:38Z/" } ], "url": "https://source.android.com/security/bulletin/2024-12-01" }, { "reference_url": "https://android.googlesource.com/platform/external/skia/+/8d355fe1d0795fc30b84194b87563f75c6f8f2a7", "reference_id": "8d355fe1d0795fc30b84194b87563f75c6f8f2a7", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:56:38Z/" } ], "url": "https://android.googlesource.com/platform/external/skia/+/8d355fe1d0795fc30b84194b87563f75c6f8f2a7" }, { "reference_url": "https://security.gentoo.org/glsa/202505-02", "reference_id": "GLSA-202505-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-02" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-15", "reference_id": "mfsa2025-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-16", "reference_id": "mfsa2025-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-18", "reference_id": "mfsa2025-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-18" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2024-43097" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r8k6-4mbk-v3cx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/820?format=api", "vulnerability_id": "VCID-ramb-mrss-xfb2", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13016.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13016.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13016", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.1031", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13016" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13016", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13016" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414083", "reference_id": "2414083", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414083" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-87/", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:12:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-87/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-88/", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:12:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-88/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-90/", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:12:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-90/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-91/", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:12:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-91/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21120", "reference_id": "RHSA-2025:21120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21121", "reference_id": "RHSA-2025:21121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21280", "reference_id": "RHSA-2025:21280", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21280" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21281", "reference_id": "RHSA-2025:21281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21841", "reference_id": "RHSA-2025:21841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21842", "reference_id": "RHSA-2025:21842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21843", "reference_id": "RHSA-2025:21843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21844", "reference_id": "RHSA-2025:21844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21881", "reference_id": "RHSA-2025:21881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22363", "reference_id": "RHSA-2025:22363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22367", "reference_id": "RHSA-2025:22367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22368", "reference_id": "RHSA-2025:22368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22369", "reference_id": "RHSA-2025:22369", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22371", "reference_id": "RHSA-2025:22371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22372", "reference_id": "RHSA-2025:22372", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22372" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22373", "reference_id": "RHSA-2025:22373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22374", "reference_id": "RHSA-2025:22374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22375", "reference_id": "RHSA-2025:22375", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22375" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22449", "reference_id": "RHSA-2025:22449", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22450", "reference_id": "RHSA-2025:22450", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22451", "reference_id": "RHSA-2025:22451", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22451" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22791", "reference_id": "RHSA-2025:22791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22792", "reference_id": "RHSA-2025:22792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22882", "reference_id": "RHSA-2025:22882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22883", "reference_id": "RHSA-2025:22883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22883" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1992130", "reference_id": "show_bug.cgi?id=1992130", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:12:45Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1992130" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-13016" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ramb-mrss-xfb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/819?format=api", "vulnerability_id": "VCID-rcjm-fsst-qfec", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13012.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13012.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13012", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16614", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13012" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414086", "reference_id": "2414086", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414086" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-87/", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:37:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-87/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-88/", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:37:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-88/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-89", "reference_id": "mfsa2025-89", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-89" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-89/", "reference_id": "mfsa2025-89", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:37:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-89/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-90/", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:37:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-90/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-91/", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:37:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-91/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21120", "reference_id": "RHSA-2025:21120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21121", "reference_id": "RHSA-2025:21121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21280", "reference_id": "RHSA-2025:21280", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21280" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21281", "reference_id": "RHSA-2025:21281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21841", "reference_id": "RHSA-2025:21841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21842", "reference_id": "RHSA-2025:21842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21843", "reference_id": "RHSA-2025:21843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21844", "reference_id": "RHSA-2025:21844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21881", "reference_id": "RHSA-2025:21881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22363", "reference_id": "RHSA-2025:22363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22367", "reference_id": "RHSA-2025:22367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22368", "reference_id": "RHSA-2025:22368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22369", "reference_id": "RHSA-2025:22369", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22371", "reference_id": "RHSA-2025:22371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22372", "reference_id": "RHSA-2025:22372", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22372" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22373", "reference_id": "RHSA-2025:22373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22374", "reference_id": "RHSA-2025:22374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22375", "reference_id": "RHSA-2025:22375", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22375" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22449", "reference_id": "RHSA-2025:22449", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22450", "reference_id": "RHSA-2025:22450", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22451", "reference_id": "RHSA-2025:22451", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22451" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22791", "reference_id": "RHSA-2025:22791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22792", "reference_id": "RHSA-2025:22792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22882", "reference_id": "RHSA-2025:22882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22883", "reference_id": "RHSA-2025:22883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22883" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1991458", "reference_id": "show_bug.cgi?id=1991458", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:37:17Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1991458" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-13012" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rcjm-fsst-qfec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/349?format=api", "vulnerability_id": "VCID-rdbw-wqqa-qbg2", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2779.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2779.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2779", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.07088", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2779" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442327", "reference_id": "2442327", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442327" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:15:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:15:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:15:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:15:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1164141", "reference_id": "show_bug.cgi?id=1164141", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:15:18Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1164141" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2779" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rdbw-wqqa-qbg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/798?format=api", "vulnerability_id": "VCID-rdkw-c71j-dyg5", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14329.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14329.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14329", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17971", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14329" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14329", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14329" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420509", "reference_id": "2420509", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420509" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-92", "reference_id": "mfsa2025-92", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-92" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-92/", "reference_id": "mfsa2025-92", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:15Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-92/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-94", "reference_id": "mfsa2025-94", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-94" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-94/", "reference_id": "mfsa2025-94", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:15Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-94/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-95", "reference_id": "mfsa2025-95", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-95" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-95/", "reference_id": "mfsa2025-95", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:15Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-95/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-96", "reference_id": "mfsa2025-96", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-96" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-96/", "reference_id": "mfsa2025-96", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:15Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-96/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23034", "reference_id": "RHSA-2025:23034", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23034" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23035", "reference_id": "RHSA-2025:23035", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23035" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23128", "reference_id": "RHSA-2025:23128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23856", "reference_id": "RHSA-2025:23856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0003", "reference_id": "RHSA-2026:0003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0004", "reference_id": "RHSA-2026:0004", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0005", "reference_id": "RHSA-2026:0005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0006", "reference_id": "RHSA-2026:0006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0007", "reference_id": "RHSA-2026:0007", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0007" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0013", "reference_id": "RHSA-2026:0013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0014", "reference_id": "RHSA-2026:0014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0015", "reference_id": "RHSA-2026:0015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0016", "reference_id": "RHSA-2026:0016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0017", "reference_id": "RHSA-2026:0017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0018", "reference_id": "RHSA-2026:0018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0019", "reference_id": "RHSA-2026:0019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0020", "reference_id": "RHSA-2026:0020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0021", "reference_id": "RHSA-2026:0021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0022", "reference_id": "RHSA-2026:0022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0023", "reference_id": "RHSA-2026:0023", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0023" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0024", "reference_id": "RHSA-2026:0024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0024" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0025", "reference_id": "RHSA-2026:0025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0026", "reference_id": "RHSA-2026:0026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0124", "reference_id": "RHSA-2026:0124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0127", "reference_id": "RHSA-2026:0127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0127" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1997018", "reference_id": "show_bug.cgi?id=1997018", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-10T04:57:15Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1997018" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-14329" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rdkw-c71j-dyg5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/755?format=api", "vulnerability_id": "VCID-rj9d-hjtt-u7ba", "summary": "On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1933.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1933.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1933", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00487", "scoring_system": "epss", "scoring_elements": "0.65851", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1933" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1933", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1933" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2349794", "reference_id": "2349794", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2349794" }, { "reference_url": "https://security.gentoo.org/glsa/202505-02", "reference_id": "GLSA-202505-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-02" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-14", "reference_id": "mfsa2025-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-14/", "reference_id": "mfsa2025-14", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:58:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-15", "reference_id": "mfsa2025-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-15/", "reference_id": "mfsa2025-15", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:58:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-16", "reference_id": "mfsa2025-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-16/", "reference_id": "mfsa2025-16", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:58:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-17", "reference_id": "mfsa2025-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-17/", "reference_id": "mfsa2025-17", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:58:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-17/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-18", "reference_id": "mfsa2025-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-18/", "reference_id": "mfsa2025-18", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:58:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-18/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2359", "reference_id": "RHSA-2025:2359", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2359" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2452", "reference_id": "RHSA-2025:2452", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2452" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2479", "reference_id": "RHSA-2025:2479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2480", "reference_id": "RHSA-2025:2480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2481", "reference_id": "RHSA-2025:2481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2484", "reference_id": "RHSA-2025:2484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2485", "reference_id": "RHSA-2025:2485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2486", "reference_id": "RHSA-2025:2486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2699", "reference_id": "RHSA-2025:2699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2708", "reference_id": "RHSA-2025:2708", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2708" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1946004", "reference_id": "show_bug.cgi?id=1946004", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:58:36Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1946004" }, { "reference_url": "https://usn.ubuntu.com/7334-1/", "reference_id": "USN-7334-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7334-1/" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-1933" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rj9d-hjtt-u7ba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/312?format=api", "vulnerability_id": "VCID-rpb6-npgx-gqfh", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4716.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4716.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4716", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07727", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4716" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4716", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4716" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450720", "reference_id": "2450720", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450720" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2018592", "reference_id": "show_bug.cgi?id=2018592", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:14Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2018592" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4716" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rpb6-npgx-gqfh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/441?format=api", "vulnerability_id": "VCID-rxhp-bnpw-5ucc", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6754.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6754.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6754", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21402", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6754" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460075", "reference_id": "2460075", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460075" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-31", "reference_id": "mfsa2026-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-31" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-31/", "reference_id": "mfsa2026-31", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-31/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-32/", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-32/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-34/", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-34/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10757", "reference_id": "RHSA-2026:10757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10766", "reference_id": "RHSA-2026:10766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10767", "reference_id": "RHSA-2026:10767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12285", "reference_id": "RHSA-2026:12285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13537", "reference_id": "RHSA-2026:13537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15892", "reference_id": "RHSA-2026:15892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17477", "reference_id": "RHSA-2026:17477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17687", "reference_id": "RHSA-2026:17687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17688", "reference_id": "RHSA-2026:17688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17689", "reference_id": "RHSA-2026:17689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17690", "reference_id": "RHSA-2026:17690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19041", "reference_id": "RHSA-2026:19041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19131", "reference_id": "RHSA-2026:19131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19201", "reference_id": "RHSA-2026:19201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19461", "reference_id": "RHSA-2026:19461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19462", "reference_id": "RHSA-2026:19462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19463", "reference_id": "RHSA-2026:19463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19464", "reference_id": "RHSA-2026:19464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19465", "reference_id": "RHSA-2026:19465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19466", "reference_id": "RHSA-2026:19466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19467", "reference_id": "RHSA-2026:19467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19468", "reference_id": "RHSA-2026:19468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19469", "reference_id": "RHSA-2026:19469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19542", "reference_id": "RHSA-2026:19542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19655", "reference_id": "RHSA-2026:19655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19704", "reference_id": "RHSA-2026:19704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19704" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2027541", "reference_id": "show_bug.cgi?id=2027541", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:49Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2027541" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-6754" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rxhp-bnpw-5ucc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/732?format=api", "vulnerability_id": "VCID-s23u-gwjc-7keh", "summary": "Same-origin policy bypass in the Graphics: Canvas2D component.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9180.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9180.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9180", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19267", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9180" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9180", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9180" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389581", "reference_id": "2389581", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389581" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-64", "reference_id": "mfsa2025-64", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-64" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-64/", "reference_id": "mfsa2025-64", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:05:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-64/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-65", "reference_id": "mfsa2025-65", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-65" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-65/", "reference_id": "mfsa2025-65", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:05:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-65/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-66", "reference_id": "mfsa2025-66", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-66" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-66/", "reference_id": "mfsa2025-66", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:05:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-66/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-67", "reference_id": "mfsa2025-67", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-67" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-67/", "reference_id": "mfsa2025-67", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:05:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-67/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-70", "reference_id": "mfsa2025-70", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-70" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-70/", "reference_id": "mfsa2025-70", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:05:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-70/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-71", "reference_id": "mfsa2025-71", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-71" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-71/", "reference_id": "mfsa2025-71", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:05:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-71/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-72", "reference_id": "mfsa2025-72", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-72" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-72/", "reference_id": "mfsa2025-72", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:05:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-72/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14416", "reference_id": "RHSA-2025:14416", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14416" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14417", "reference_id": "RHSA-2025:14417", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14417" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14442", "reference_id": "RHSA-2025:14442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14640", "reference_id": "RHSA-2025:14640", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14640" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14743", "reference_id": "RHSA-2025:14743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14844", "reference_id": "RHSA-2025:14844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15418", "reference_id": "RHSA-2025:15418", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15418" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15419", "reference_id": "RHSA-2025:15419", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15419" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15420", "reference_id": "RHSA-2025:15420", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15420" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15421", "reference_id": "RHSA-2025:15421", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15421" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15422", "reference_id": "RHSA-2025:15422", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15422" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15423", "reference_id": "RHSA-2025:15423", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15424", "reference_id": "RHSA-2025:15424", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15424" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15430", "reference_id": "RHSA-2025:15430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15434", "reference_id": "RHSA-2025:15434", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15434" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15435", "reference_id": "RHSA-2025:15435", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15435" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15436", "reference_id": "RHSA-2025:15436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15437", "reference_id": "RHSA-2025:15437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15437" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15438", "reference_id": "RHSA-2025:15438", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15438" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15496", "reference_id": "RHSA-2025:15496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15535", "reference_id": "RHSA-2025:15535", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15535" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1979782", "reference_id": "show_bug.cgi?id=1979782", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:05:47Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1979782" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-9180" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s23u-gwjc-7keh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/702?format=api", "vulnerability_id": "VCID-s5d5-smkc-fbba", "summary": "An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private browsing mode, but not profiles.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6425.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6425.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6425", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61798", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6425" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6425", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6425" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374562", "reference_id": "2374562", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374562" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-51", "reference_id": "mfsa2025-51", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-51" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-51/", "reference_id": "mfsa2025-51", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:41Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-51/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-52", "reference_id": "mfsa2025-52", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-52" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-52/", "reference_id": "mfsa2025-52", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:41Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-52/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-53", "reference_id": "mfsa2025-53", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-53" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-53/", "reference_id": "mfsa2025-53", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:41Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-53/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-54", "reference_id": "mfsa2025-54", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-54" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-54/", "reference_id": "mfsa2025-54", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:41Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-54/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-55", "reference_id": "mfsa2025-55", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-55" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-55/", "reference_id": "mfsa2025-55", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:41Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-55/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10072", "reference_id": "RHSA-2025:10072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10073", "reference_id": "RHSA-2025:10073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10074", "reference_id": "RHSA-2025:10074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10159", "reference_id": "RHSA-2025:10159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10160", "reference_id": "RHSA-2025:10160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10161", "reference_id": "RHSA-2025:10161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10163", "reference_id": "RHSA-2025:10163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10164", "reference_id": "RHSA-2025:10164", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10165", "reference_id": "RHSA-2025:10165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10166", "reference_id": "RHSA-2025:10166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10181", "reference_id": "RHSA-2025:10181", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10181" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10182", "reference_id": "RHSA-2025:10182", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10182" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10183", "reference_id": "RHSA-2025:10183", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10183" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10184", "reference_id": "RHSA-2025:10184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10185", "reference_id": "RHSA-2025:10185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10186", "reference_id": "RHSA-2025:10186", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10186" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10187", "reference_id": "RHSA-2025:10187", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10187" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10188", "reference_id": "RHSA-2025:10188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10195", "reference_id": "RHSA-2025:10195", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10195" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10196", "reference_id": "RHSA-2025:10196", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10196" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10246", "reference_id": "RHSA-2025:10246", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10246" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1717672", "reference_id": "show_bug.cgi?id=1717672", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:21:41Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1717672" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-6425" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s5d5-smkc-fbba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/363?format=api", "vulnerability_id": "VCID-sdan-9u9t-dqdk", "summary": "Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2793.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2793.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2793", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22573", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2793" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2793" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442287", "reference_id": "2442287", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442287" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=2015196%2C2016423%2C2016498", "reference_id": "buglist.cgi?bug_id=2015196%2C2016423%2C2016498", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:55Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=2015196%2C2016423%2C2016498" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-14/", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2793" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sdan-9u9t-dqdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/362?format=api", "vulnerability_id": "VCID-smme-p7kr-1bby", "summary": "Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2792.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2792.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2792", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22251", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2792" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442318", "reference_id": "2442318", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442318" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=2008912%2C2010050%2C2010275%2C2012331", "reference_id": "buglist.cgi?bug_id=2008912%2C2010050%2C2010275%2C2012331", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:57Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=2008912%2C2010050%2C2010275%2C2012331" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2792" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-smme-p7kr-1bby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/436?format=api", "vulnerability_id": "VCID-sn7g-bszk-7khh", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6749.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6749.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6749", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17158", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6749" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460096", "reference_id": "2460096", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460096" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:07:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-31", "reference_id": "mfsa2026-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-31" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-31/", "reference_id": "mfsa2026-31", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:07:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-31/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-32/", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:07:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-32/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:07:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-34/", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:07:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-34/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10757", "reference_id": "RHSA-2026:10757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10766", "reference_id": "RHSA-2026:10766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10767", "reference_id": "RHSA-2026:10767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12285", "reference_id": "RHSA-2026:12285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13537", "reference_id": "RHSA-2026:13537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15892", "reference_id": "RHSA-2026:15892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17477", "reference_id": "RHSA-2026:17477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17687", "reference_id": "RHSA-2026:17687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17688", "reference_id": "RHSA-2026:17688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17689", "reference_id": "RHSA-2026:17689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17690", "reference_id": "RHSA-2026:17690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19041", "reference_id": "RHSA-2026:19041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19131", "reference_id": "RHSA-2026:19131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19201", "reference_id": "RHSA-2026:19201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19461", "reference_id": "RHSA-2026:19461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19462", "reference_id": "RHSA-2026:19462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19463", "reference_id": "RHSA-2026:19463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19464", "reference_id": "RHSA-2026:19464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19465", "reference_id": "RHSA-2026:19465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19466", "reference_id": "RHSA-2026:19466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19467", "reference_id": "RHSA-2026:19467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19468", "reference_id": "RHSA-2026:19468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19469", "reference_id": "RHSA-2026:19469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19542", "reference_id": "RHSA-2026:19542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19655", "reference_id": "RHSA-2026:19655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19704", "reference_id": "RHSA-2026:19704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19704" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2022610", "reference_id": "show_bug.cgi?id=2022610", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:07:48Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2022610" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-6749" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sn7g-bszk-7khh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/716?format=api", "vulnerability_id": "VCID-sqaj-rvcg-5fe5", "summary": "Memory safety bugs present in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10537.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10537.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10537", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.2674", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10537" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395759", "reference_id": "2395759", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395759" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1938220%2C1980730%2C1981280%2C1981283%2C1984505%2C1985067", "reference_id": "buglist.cgi?bug_id=1938220%2C1980730%2C1981280%2C1981283%2C1984505%2C1985067", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-17T03:55:49Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1938220%2C1980730%2C1981280%2C1981283%2C1984505%2C1985067" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-73", "reference_id": "mfsa2025-73", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-73" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-73/", "reference_id": "mfsa2025-73", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-17T03:55:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-73/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-75", "reference_id": "mfsa2025-75", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-75" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-75/", "reference_id": "mfsa2025-75", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-17T03:55:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-75/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-77", "reference_id": "mfsa2025-77", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-77" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-77/", "reference_id": "mfsa2025-77", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-17T03:55:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-77/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-78", "reference_id": "mfsa2025-78", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-78" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-78/", "reference_id": "mfsa2025-78", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-17T03:55:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-78/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16108", "reference_id": "RHSA-2025:16108", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16108" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16109", "reference_id": "RHSA-2025:16109", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16109" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16156", "reference_id": "RHSA-2025:16156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16157", "reference_id": "RHSA-2025:16157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16260", "reference_id": "RHSA-2025:16260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16589", "reference_id": "RHSA-2025:16589", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16589" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17340", "reference_id": "RHSA-2025:17340", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17340" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17341", "reference_id": "RHSA-2025:17341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17342", "reference_id": "RHSA-2025:17342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17343", "reference_id": "RHSA-2025:17343", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17343" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17344", "reference_id": "RHSA-2025:17344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17345", "reference_id": "RHSA-2025:17345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17345" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17346", "reference_id": "RHSA-2025:17346", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17367", "reference_id": "RHSA-2025:17367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17368", "reference_id": "RHSA-2025:17368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17371", "reference_id": "RHSA-2025:17371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17372", "reference_id": "RHSA-2025:17372", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17372" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17373", "reference_id": "RHSA-2025:17373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17374", "reference_id": "RHSA-2025:17374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17378", "reference_id": "RHSA-2025:17378", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17453", "reference_id": "RHSA-2025:17453", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17453" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-10537" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sqaj-rvcg-5fe5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/792?format=api", "vulnerability_id": "VCID-swrh-3acx-5bfn", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14321.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14321.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14321", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24966", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14321" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14321", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14321" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420503", "reference_id": "2420503", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420503" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-92", "reference_id": "mfsa2025-92", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-92" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-92/", "reference_id": "mfsa2025-92", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T19:36:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-92/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-94", "reference_id": "mfsa2025-94", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-94" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-94/", "reference_id": "mfsa2025-94", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T19:36:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-94/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-95", "reference_id": "mfsa2025-95", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-95" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-95/", "reference_id": "mfsa2025-95", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T19:36:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-95/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-96", "reference_id": "mfsa2025-96", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-96" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-96/", "reference_id": "mfsa2025-96", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T19:36:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-96/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23034", "reference_id": "RHSA-2025:23034", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23034" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23035", "reference_id": "RHSA-2025:23035", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23035" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23128", "reference_id": "RHSA-2025:23128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23856", "reference_id": "RHSA-2025:23856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0003", "reference_id": "RHSA-2026:0003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0004", "reference_id": "RHSA-2026:0004", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0005", "reference_id": "RHSA-2026:0005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0006", "reference_id": "RHSA-2026:0006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0007", "reference_id": "RHSA-2026:0007", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0007" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0013", "reference_id": "RHSA-2026:0013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0014", "reference_id": "RHSA-2026:0014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0015", "reference_id": "RHSA-2026:0015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0016", "reference_id": "RHSA-2026:0016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0017", "reference_id": "RHSA-2026:0017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0018", "reference_id": "RHSA-2026:0018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0019", "reference_id": "RHSA-2026:0019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0020", "reference_id": "RHSA-2026:0020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0021", "reference_id": "RHSA-2026:0021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0022", "reference_id": "RHSA-2026:0022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0023", "reference_id": "RHSA-2026:0023", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0023" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0024", "reference_id": "RHSA-2026:0024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0024" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0025", "reference_id": "RHSA-2026:0025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0026", "reference_id": "RHSA-2026:0026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0124", "reference_id": "RHSA-2026:0124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0127", "reference_id": "RHSA-2026:0127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0127" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1992760", "reference_id": "show_bug.cgi?id=1992760", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T19:36:51Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1992760" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-14321" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-swrh-3acx-5bfn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/365?format=api", "vulnerability_id": "VCID-szne-daeu-yyaf", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8094.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8094.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8094", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05717", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8094" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8094", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8094" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467706", "reference_id": "2467706", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467706" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-41", "reference_id": "mfsa2026-41", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-41" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-41/", "reference_id": "mfsa2026-41", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-08T22:35:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-41/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-44", "reference_id": "mfsa2026-44", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-44/", "reference_id": "mfsa2026-44", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-08T22:35:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-44/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19160", "reference_id": "RHSA-2026:19160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:20566", "reference_id": "RHSA-2026:20566", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:20566" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:20574", "reference_id": "RHSA-2026:20574", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:20574" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2035939", "reference_id": "show_bug.cgi?id=2035939", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-08T22:35:19Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2035939" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-8094" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-szne-daeu-yyaf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/396?format=api", "vulnerability_id": "VCID-t1vq-j38a-2ygb", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8091", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.0679", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8091" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8091", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8091" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-08T22:31:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-08T22:31:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-36", "reference_id": "mfsa2026-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-36" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-36/", "reference_id": "mfsa2026-36", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-08T22:31:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-36/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-39", "reference_id": "mfsa2026-39", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-39" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-39/", "reference_id": "mfsa2026-39", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-08T22:31:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-39/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-42", "reference_id": "mfsa2026-42", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-42" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-42/", "reference_id": "mfsa2026-42", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-08T22:31:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-42/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2029301", "reference_id": "show_bug.cgi?id=2029301", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-08T22:31:58Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2029301" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-8091" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t1vq-j38a-2ygb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/108?format=api", "vulnerability_id": "VCID-t2ta-b79e-gbe8", "summary": "Truncation of a long URL could have allowed origin spoofing in a permission prompt.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10462.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10462.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10462", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66431", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10462" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10462", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10462" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322440", "reference_id": "2322440", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322440" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-55/", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-56/", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-58/", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-59/", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8720", "reference_id": "RHSA-2024:8720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8721", "reference_id": "RHSA-2024:8721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8722", "reference_id": "RHSA-2024:8722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8723", "reference_id": "RHSA-2024:8723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8724", "reference_id": "RHSA-2024:8724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8725", "reference_id": "RHSA-2024:8725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8726", "reference_id": "RHSA-2024:8726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8727", "reference_id": "RHSA-2024:8727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8728", "reference_id": "RHSA-2024:8728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8729", "reference_id": "RHSA-2024:8729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8790", "reference_id": "RHSA-2024:8790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8793", "reference_id": "RHSA-2024:8793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8793" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9015", "reference_id": "RHSA-2024:9015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9016", "reference_id": "RHSA-2024:9016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9017", "reference_id": "RHSA-2024:9017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9018", "reference_id": "RHSA-2024:9018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9019", "reference_id": "RHSA-2024:9019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9552", "reference_id": "RHSA-2024:9552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9554", "reference_id": "RHSA-2024:9554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9554" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1920423", "reference_id": "show_bug.cgi?id=1920423", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1920423" }, { "reference_url": "https://usn.ubuntu.com/7086-1/", "reference_id": "USN-7086-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7086-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2024-10462" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t2ta-b79e-gbe8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/408?format=api", "vulnerability_id": "VCID-t49a-dxu7-6qhp", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0885.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0885.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0885", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07396", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0885" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0885", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0885" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428961", "reference_id": "2428961", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428961" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-01", "reference_id": "mfsa2026-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-01/", "reference_id": "mfsa2026-01", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:24:43Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-03", "reference_id": "mfsa2026-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-03/", "reference_id": "mfsa2026-03", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:24:43Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-03/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-04", "reference_id": "mfsa2026-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-04/", "reference_id": "mfsa2026-04", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:24:43Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-05", "reference_id": "mfsa2026-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-05/", "reference_id": "mfsa2026-05", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:24:43Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0667", "reference_id": "RHSA-2026:0667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0694", "reference_id": "RHSA-2026:0694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0924", "reference_id": "RHSA-2026:0924", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0924" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1320", "reference_id": "RHSA-2026:1320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1413", "reference_id": "RHSA-2026:1413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1413" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1414", "reference_id": "RHSA-2026:1414", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1415", "reference_id": "RHSA-2026:1415", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1415" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1461", "reference_id": "RHSA-2026:1461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1462", "reference_id": "RHSA-2026:1462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1471", "reference_id": "RHSA-2026:1471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1487", "reference_id": "RHSA-2026:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2041", "reference_id": "RHSA-2026:2041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2043", "reference_id": "RHSA-2026:2043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2043" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2044", "reference_id": "RHSA-2026:2044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2047", "reference_id": "RHSA-2026:2047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2069", "reference_id": "RHSA-2026:2069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2070", "reference_id": "RHSA-2026:2070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2073", "reference_id": "RHSA-2026:2073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2074", "reference_id": "RHSA-2026:2074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2220", "reference_id": "RHSA-2026:2220", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2220" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2231", "reference_id": "RHSA-2026:2231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2271", "reference_id": "RHSA-2026:2271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2286", "reference_id": "RHSA-2026:2286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2286" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2003607", "reference_id": "show_bug.cgi?id=2003607", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-13T20:24:43Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2003607" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-0885" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t49a-dxu7-6qhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340?format=api", "vulnerability_id": "VCID-tc5e-e18p-4qhf", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2770.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2770.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2770", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04988", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2770" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2770", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2770" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442343", "reference_id": "2442343", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442343" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-14/", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014585", "reference_id": "show_bug.cgi?id=2014585", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:08Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014585" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2770" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tc5e-e18p-4qhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/346?format=api", "vulnerability_id": "VCID-tes3-9dxj-87gb", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2776.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2776.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2776", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08653", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2776" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442291", "reference_id": "2442291", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442291" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:19:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-14/", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:19:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:19:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:19:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:19:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015266", "reference_id": "show_bug.cgi?id=2015266", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:19:08Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015266" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2776" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tes3-9dxj-87gb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/393?format=api", "vulnerability_id": "VCID-ty3k-pg97-7ff9", "summary": "Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5734.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5734.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5734", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20374", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5734" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5734", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5734" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455897", "reference_id": "2455897", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455897" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=2022369%2C2023026%2C2023545%2C2023555%2C2023958%2C2025422%2C2025468%2C2025492%2C2025505", "reference_id": "buglist.cgi?bug_id=2022369%2C2023026%2C2023545%2C2023555%2C2023958%2C2025422%2C2025468%2C2025492%2C2025505", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:30Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=2022369%2C2023026%2C2023545%2C2023555%2C2023958%2C2025422%2C2025468%2C2025492%2C2025505" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-25", "reference_id": "mfsa2026-25", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-25" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-25/", "reference_id": "mfsa2026-25", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-25/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-27", "reference_id": "mfsa2026-27", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-27" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-27/", "reference_id": "mfsa2026-27", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-27/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-28", "reference_id": "mfsa2026-28", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-28" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-28/", "reference_id": "mfsa2026-28", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-28/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-29", "reference_id": "mfsa2026-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-29/", "reference_id": "mfsa2026-29", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-29/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11805", "reference_id": "RHSA-2026:11805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11813", "reference_id": "RHSA-2026:11813", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11813" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12264", "reference_id": "RHSA-2026:12264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13342", "reference_id": "RHSA-2026:13342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13412", "reference_id": "RHSA-2026:13412", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13412" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13533", "reference_id": "RHSA-2026:13533", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13533" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13582", "reference_id": "RHSA-2026:13582", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13582" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13583", "reference_id": "RHSA-2026:13583", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13583" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13596", "reference_id": "RHSA-2026:13596", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13596" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13600", "reference_id": "RHSA-2026:13600", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13600" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13665", "reference_id": "RHSA-2026:13665", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13665" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13682", "reference_id": "RHSA-2026:13682", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13682" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13683", "reference_id": "RHSA-2026:13683", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13683" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13922", "reference_id": "RHSA-2026:13922", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13977", "reference_id": "RHSA-2026:13977", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13977" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14223", "reference_id": "RHSA-2026:14223", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14223" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14303", "reference_id": "RHSA-2026:14303", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14303" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15889", "reference_id": "RHSA-2026:15889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7671", "reference_id": "RHSA-2026:7671", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7671" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7672", "reference_id": "RHSA-2026:7672", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7672" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8052", "reference_id": "RHSA-2026:8052", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8052" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8459", "reference_id": "RHSA-2026:8459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9345", "reference_id": "RHSA-2026:9345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9345" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9638", "reference_id": "RHSA-2026:9638", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9638" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-5734" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ty3k-pg97-7ff9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/314?format=api", "vulnerability_id": "VCID-tyba-j6k8-z3hh", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59375.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59375.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59375", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27587", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59375" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/libexpat/libexpat/issues/1018", "reference_id": "1018", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:T/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:22:58Z/" } ], "url": "https://github.com/libexpat/libexpat/issues/1018" }, { "reference_url": "https://github.com/libexpat/libexpat/pull/1034", "reference_id": "1034", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:T/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:22:58Z/" } ], "url": "https://github.com/libexpat/libexpat/pull/1034" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115298", "reference_id": "1115298", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115298" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108", "reference_id": "2395108", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108" }, { "reference_url": "https://issues.oss-fuzz.com/issues/439133977", "reference_id": "439133977", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:T/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:22:58Z/" } ], "url": "https://issues.oss-fuzz.com/issues/439133977" }, { "reference_url": "https://github.com/libexpat/libexpat/blob/R_2_7_2/expat/Changes", "reference_id": "Changes", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:T/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:22:58Z/" } ], "url": "https://github.com/libexpat/libexpat/blob/R_2_7_2/expat/Changes" }, { "reference_url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74", "reference_id": "Changes#L45-L74", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:T/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:22:58Z/" } ], "url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19020", "reference_id": "RHSA-2025:19020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19403", "reference_id": "RHSA-2025:19403", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19403" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21030", "reference_id": "RHSA-2025:21030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21773", "reference_id": "RHSA-2025:21773", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21773" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21776", "reference_id": "RHSA-2025:21776", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21776" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21974", "reference_id": "RHSA-2025:21974", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21974" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22033", "reference_id": "RHSA-2025:22033", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22033" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22034", "reference_id": "RHSA-2025:22034", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22034" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22035", "reference_id": "RHSA-2025:22035", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22035" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22175", "reference_id": "RHSA-2025:22175", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22607", "reference_id": "RHSA-2025:22607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22607" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22618", "reference_id": "RHSA-2025:22618", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22618" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22785", "reference_id": "RHSA-2025:22785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22842", "reference_id": "RHSA-2025:22842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22871", "reference_id": "RHSA-2025:22871", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22871" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22935", "reference_id": "RHSA-2025:22935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23078", "reference_id": "RHSA-2025:23078", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23078" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23079", "reference_id": "RHSA-2025:23079", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23079" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23080", "reference_id": "RHSA-2025:23080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23202", "reference_id": "RHSA-2025:23202", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23202" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23204", "reference_id": "RHSA-2025:23204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23205", "reference_id": "RHSA-2025:23205", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23205" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23209", "reference_id": "RHSA-2025:23209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23227", "reference_id": "RHSA-2025:23227", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23227" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23248", "reference_id": "RHSA-2025:23248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23449", "reference_id": "RHSA-2025:23449", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23550", "reference_id": "RHSA-2025:23550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0001", "reference_id": "RHSA-2026:0001", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0001" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0076", "reference_id": "RHSA-2026:0076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0077", "reference_id": "RHSA-2026:0077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0078", "reference_id": "RHSA-2026:0078", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0078" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0316", "reference_id": "RHSA-2026:0316", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0316" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0326", "reference_id": "RHSA-2026:0326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0332", "reference_id": "RHSA-2026:0332", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0332" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0414", "reference_id": "RHSA-2026:0414", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0420", "reference_id": "RHSA-2026:0420", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0420" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0518", "reference_id": "RHSA-2026:0518", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0518" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0674", "reference_id": "RHSA-2026:0674", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0674" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0677", "reference_id": "RHSA-2026:0677", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0677" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0702", "reference_id": "RHSA-2026:0702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0934", "reference_id": "RHSA-2026:0934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0996", "reference_id": "RHSA-2026:0996", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0996" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10950", "reference_id": "RHSA-2026:10950", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10950" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1541", "reference_id": "RHSA-2026:1541", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1541" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1652", "reference_id": "RHSA-2026:1652", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1652" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19064", "reference_id": "RHSA-2026:19064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19064" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19177", "reference_id": "RHSA-2026:19177", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21275", "reference_id": "RHSA-2026:21275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3407", "reference_id": "RHSA-2026:3407", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3407" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3461", "reference_id": "RHSA-2026:3461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3462", "reference_id": "RHSA-2026:3462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5396", "reference_id": "RHSA-2026:5396", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5396" }, { "reference_url": "https://usn.ubuntu.com/8022-1/", "reference_id": "USN-8022-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8022-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-59375" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tyba-j6k8-z3hh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/727?format=api", "vulnerability_id": "VCID-tzbs-yt2e-77eg", "summary": "An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4919.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4919.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4919", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00277", "scoring_system": "epss", "scoring_elements": "0.51344", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4919" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367018", "reference_id": "2367018", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367018" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-36", "reference_id": "mfsa2025-36", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-36" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-36/", "reference_id": "mfsa2025-36", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T03:55:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-36/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-37", "reference_id": "mfsa2025-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-37" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-37/", "reference_id": "mfsa2025-37", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T03:55:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-37/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-38", "reference_id": "mfsa2025-38", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-38" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-38/", "reference_id": "mfsa2025-38", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T03:55:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-38/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-40", "reference_id": "mfsa2025-40", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-40" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-40/", "reference_id": "mfsa2025-40", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T03:55:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-40/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-41", "reference_id": "mfsa2025-41", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-41" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-41/", "reference_id": "mfsa2025-41", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T03:55:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-41/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8049", "reference_id": "RHSA-2025:8049", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8049" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8060", "reference_id": "RHSA-2025:8060", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8060" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8125", "reference_id": "RHSA-2025:8125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8369", "reference_id": "RHSA-2025:8369", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8370", "reference_id": "RHSA-2025:8370", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8370" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8371", "reference_id": "RHSA-2025:8371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8465", "reference_id": "RHSA-2025:8465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8598", "reference_id": "RHSA-2025:8598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8599", "reference_id": "RHSA-2025:8599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8607", "reference_id": "RHSA-2025:8607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8607" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8608", "reference_id": "RHSA-2025:8608", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8608" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8628", "reference_id": "RHSA-2025:8628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8629", "reference_id": "RHSA-2025:8629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8630", "reference_id": "RHSA-2025:8630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8631", "reference_id": "RHSA-2025:8631", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8639", "reference_id": "RHSA-2025:8639", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8639" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8640", "reference_id": "RHSA-2025:8640", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8640" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8642", "reference_id": "RHSA-2025:8642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8645", "reference_id": "RHSA-2025:8645", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8645" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8756", "reference_id": "RHSA-2025:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8807", "reference_id": "RHSA-2025:8807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8807" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1966614", "reference_id": "show_bug.cgi?id=1966614", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T03:55:18Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1966614" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-4919" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tzbs-yt2e-77eg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/691?format=api", "vulnerability_id": "VCID-u18d-7p21-jqg8", "summary": "A crafted URL containing specific Unicode characters could have hidden the true origin of the page, resulting in a potential spoofing attack.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3029.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3029.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3029", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33048", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3029" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3029", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3029" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2356556", "reference_id": "2356556", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2356556" }, { "reference_url": "https://security.gentoo.org/glsa/202505-02", "reference_id": "GLSA-202505-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-02" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-20", "reference_id": "mfsa2025-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-20/", "reference_id": "mfsa2025-20", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-01T18:38:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-22", "reference_id": "mfsa2025-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-22/", "reference_id": "mfsa2025-22", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-01T18:38:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-23", "reference_id": "mfsa2025-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-23/", "reference_id": "mfsa2025-23", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-01T18:38:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-24", "reference_id": "mfsa2025-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-24/", "reference_id": "mfsa2025-24", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-01T18:38:36Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3556", "reference_id": "RHSA-2025:3556", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3556" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3581", "reference_id": "RHSA-2025:3581", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3581" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3582", "reference_id": "RHSA-2025:3582", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3582" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3587", "reference_id": "RHSA-2025:3587", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3587" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3589", "reference_id": "RHSA-2025:3589", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3589" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3590", "reference_id": "RHSA-2025:3590", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3590" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3620", "reference_id": "RHSA-2025:3620", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3620" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3621", "reference_id": "RHSA-2025:3621", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3621" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3623", "reference_id": "RHSA-2025:3623", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3623" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3628", "reference_id": "RHSA-2025:3628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4026", "reference_id": "RHSA-2025:4026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4027", "reference_id": "RHSA-2025:4027", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4027" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4028", "reference_id": "RHSA-2025:4028", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4028" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4029", "reference_id": "RHSA-2025:4029", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4029" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4030", "reference_id": "RHSA-2025:4030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4031", "reference_id": "RHSA-2025:4031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4032", "reference_id": "RHSA-2025:4032", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4032" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4169", "reference_id": "RHSA-2025:4169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4170", "reference_id": "RHSA-2025:4170", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7491", "reference_id": "RHSA-2025:7491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7493", "reference_id": "RHSA-2025:7493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7493" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1952213", "reference_id": "show_bug.cgi?id=1952213", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-01T18:38:36Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1952213" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-3029" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u18d-7p21-jqg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/756?format=api", "vulnerability_id": "VCID-u1nw-8562-pfb2", "summary": "It was possible to interrupt the processing of a RegExp bailout and run additional JavaScript, potentially triggering garbage collection when the engine was not expecting it.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1934.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1934.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1934", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0034", "scoring_system": "epss", "scoring_elements": "0.57025", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1934" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1934", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1934" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2349790", "reference_id": "2349790", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2349790" }, { "reference_url": "https://security.gentoo.org/glsa/202505-02", "reference_id": "GLSA-202505-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-02" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-14", "reference_id": "mfsa2025-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-14/", "reference_id": "mfsa2025-14", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:50:25Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-16", "reference_id": "mfsa2025-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-16/", "reference_id": "mfsa2025-16", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:50:25Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-17", "reference_id": "mfsa2025-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-17/", "reference_id": "mfsa2025-17", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:50:25Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-17/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-18", "reference_id": "mfsa2025-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-18/", "reference_id": "mfsa2025-18", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:50:25Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-18/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2359", "reference_id": "RHSA-2025:2359", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2359" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2452", "reference_id": "RHSA-2025:2452", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2452" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2479", "reference_id": "RHSA-2025:2479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2480", "reference_id": "RHSA-2025:2480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2481", "reference_id": "RHSA-2025:2481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2484", "reference_id": "RHSA-2025:2484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2485", "reference_id": "RHSA-2025:2485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2486", "reference_id": "RHSA-2025:2486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2699", "reference_id": "RHSA-2025:2699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2708", "reference_id": "RHSA-2025:2708", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2708" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1942881", "reference_id": "show_bug.cgi?id=1942881", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:50:25Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1942881" }, { "reference_url": "https://usn.ubuntu.com/7334-1/", "reference_id": "USN-7334-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7334-1/" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-1934" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u1nw-8562-pfb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/405?format=api", "vulnerability_id": "VCID-u2hq-ttdt-xye7", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14327.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14327.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14327", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04401", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14327" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14327", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14327" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420507", "reference_id": "2420507", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420507" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-92", "reference_id": "mfsa2025-92", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-92" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-92/", "reference_id": "mfsa2025-92", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T20:42:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-92/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-95", "reference_id": "mfsa2025-95", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-95" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-95/", "reference_id": "mfsa2025-95", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T20:42:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-95/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-03", "reference_id": "mfsa2026-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-03/", "reference_id": "mfsa2026-03", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T20:42:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-03/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-05", "reference_id": "mfsa2026-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-05/", "reference_id": "mfsa2026-05", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T20:42:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0667", "reference_id": "RHSA-2026:0667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0694", "reference_id": "RHSA-2026:0694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0924", "reference_id": "RHSA-2026:0924", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0924" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1320", "reference_id": "RHSA-2026:1320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1413", "reference_id": "RHSA-2026:1413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1413" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1414", "reference_id": "RHSA-2026:1414", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1415", "reference_id": "RHSA-2026:1415", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1415" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1461", "reference_id": "RHSA-2026:1461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1462", "reference_id": "RHSA-2026:1462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1471", "reference_id": "RHSA-2026:1471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1487", "reference_id": "RHSA-2026:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2041", "reference_id": "RHSA-2026:2041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2043", "reference_id": "RHSA-2026:2043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2043" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2044", "reference_id": "RHSA-2026:2044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2047", "reference_id": "RHSA-2026:2047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2069", "reference_id": "RHSA-2026:2069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2070", "reference_id": "RHSA-2026:2070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2073", "reference_id": "RHSA-2026:2073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2074", "reference_id": "RHSA-2026:2074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2220", "reference_id": "RHSA-2026:2220", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2220" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2231", "reference_id": "RHSA-2026:2231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2271", "reference_id": "RHSA-2026:2271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2286", "reference_id": "RHSA-2026:2286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2286" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1970743", "reference_id": "show_bug.cgi?id=1970743", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T20:42:08Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1970743" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-14327" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u2hq-ttdt-xye7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/434?format=api", "vulnerability_id": "VCID-u7qf-8ncj-5uae", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6747.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6747.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6747", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.21011", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6747" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6747" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460095", "reference_id": "2460095", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460095" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-32/", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-32/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-34/", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-34/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10757", "reference_id": "RHSA-2026:10757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10766", "reference_id": "RHSA-2026:10766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10767", "reference_id": "RHSA-2026:10767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12285", "reference_id": "RHSA-2026:12285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13537", "reference_id": "RHSA-2026:13537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15892", "reference_id": "RHSA-2026:15892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17477", "reference_id": "RHSA-2026:17477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17687", "reference_id": "RHSA-2026:17687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17688", "reference_id": "RHSA-2026:17688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17689", "reference_id": "RHSA-2026:17689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17690", "reference_id": "RHSA-2026:17690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19041", "reference_id": "RHSA-2026:19041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19131", "reference_id": "RHSA-2026:19131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19201", "reference_id": "RHSA-2026:19201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19461", "reference_id": "RHSA-2026:19461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19462", "reference_id": "RHSA-2026:19462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19463", "reference_id": "RHSA-2026:19463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19464", "reference_id": "RHSA-2026:19464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19465", "reference_id": "RHSA-2026:19465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19466", "reference_id": "RHSA-2026:19466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19467", "reference_id": "RHSA-2026:19467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19468", "reference_id": "RHSA-2026:19468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19469", "reference_id": "RHSA-2026:19469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19542", "reference_id": "RHSA-2026:19542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19655", "reference_id": "RHSA-2026:19655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19704", "reference_id": "RHSA-2026:19704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19704" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2021769", "reference_id": "show_bug.cgi?id=2021769", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:08:07Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2021769" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-6747" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u7qf-8ncj-5uae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/742?format=api", "vulnerability_id": "VCID-u7zd-r5jx-23ca", "summary": "Error handling for script execution was incorrectly isolated from web content, which could have allowed cross-origin leak attacks.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5263.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5263.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5263", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39855", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5263" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5263", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5263" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368756", "reference_id": "2368756", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368756" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42", "reference_id": "mfsa2025-42", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-42/", "reference_id": "mfsa2025-42", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:20:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-42/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-43", "reference_id": "mfsa2025-43", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-43" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-43/", "reference_id": "mfsa2025-43", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:20:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-43/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-44/", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:20:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-44/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45", "reference_id": "mfsa2025-45", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-45/", "reference_id": "mfsa2025-45", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:20:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-45/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-46/", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:20:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-46/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8293", "reference_id": "RHSA-2025:8293", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8293" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8308", "reference_id": "RHSA-2025:8308", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8308" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8341", "reference_id": "RHSA-2025:8341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8598", "reference_id": "RHSA-2025:8598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8599", "reference_id": "RHSA-2025:8599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8607", "reference_id": "RHSA-2025:8607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8607" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8608", "reference_id": "RHSA-2025:8608", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8608" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8628", "reference_id": "RHSA-2025:8628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8629", "reference_id": "RHSA-2025:8629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8630", "reference_id": "RHSA-2025:8630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8631", "reference_id": "RHSA-2025:8631", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8642", "reference_id": "RHSA-2025:8642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8756", "reference_id": "RHSA-2025:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9071", "reference_id": "RHSA-2025:9071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9071" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9072", "reference_id": "RHSA-2025:9072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9073", "reference_id": "RHSA-2025:9073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9074", "reference_id": "RHSA-2025:9074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9075", "reference_id": "RHSA-2025:9075", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9075" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9076", "reference_id": "RHSA-2025:9076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9077", "reference_id": "RHSA-2025:9077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9155", "reference_id": "RHSA-2025:9155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9155" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1960745", "reference_id": "show_bug.cgi?id=1960745", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:20:12Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1960745" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-5263" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u7zd-r5jx-23ca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/847?format=api", "vulnerability_id": "VCID-u926-beug-xydv", "summary": "A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11710.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11710.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11710", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.2832", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11710" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403768", "reference_id": "2403768", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403768" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-81/", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-81/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-82", "reference_id": "mfsa2025-82", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-82" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-82/", "reference_id": "mfsa2025-82", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-82/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-83/", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-83/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-84/", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-84/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-85/", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-85/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18154", "reference_id": "RHSA-2025:18154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18155", "reference_id": "RHSA-2025:18155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18285", "reference_id": "RHSA-2025:18285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18320", "reference_id": "RHSA-2025:18320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18321", "reference_id": "RHSA-2025:18321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18983", "reference_id": "RHSA-2025:18983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19278", "reference_id": "RHSA-2025:19278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19938", "reference_id": "RHSA-2025:19938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19939", "reference_id": "RHSA-2025:19939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19941", "reference_id": "RHSA-2025:19941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19942", "reference_id": "RHSA-2025:19942", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19942" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19943", "reference_id": "RHSA-2025:19943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19944", "reference_id": "RHSA-2025:19944", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19944" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19945", "reference_id": "RHSA-2025:19945", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19945" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21054", "reference_id": "RHSA-2025:21054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21055", "reference_id": "RHSA-2025:21055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21056", "reference_id": "RHSA-2025:21056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21056" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21057", "reference_id": "RHSA-2025:21057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21058", "reference_id": "RHSA-2025:21058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21059", "reference_id": "RHSA-2025:21059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21064", "reference_id": "RHSA-2025:21064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21064" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1989899", "reference_id": "show_bug.cgi?id=1989899", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:34Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1989899" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-11710" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u926-beug-xydv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/717?format=api", "vulnerability_id": "VCID-u9tm-qdjs-abeb", "summary": "A bug in WebAssembly code generation could have lead to a crash. It may have been possible for an attacker to leverage this to achieve code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1011.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1011.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1011", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52841", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1011" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343756", "reference_id": "2343756", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343756" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-07", "reference_id": "mfsa2025-07", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-07/", "reference_id": "mfsa2025-07", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T19:01:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-07/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-09", "reference_id": "mfsa2025-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-09/", "reference_id": "mfsa2025-09", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T19:01:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-09/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-10", "reference_id": "mfsa2025-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-10/", "reference_id": "mfsa2025-10", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T19:01:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-10/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-11", "reference_id": "mfsa2025-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-11/", "reference_id": "mfsa2025-11", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T19:01:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-11/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1066", "reference_id": "RHSA-2025:1066", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1066" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1132", "reference_id": "RHSA-2025:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1133", "reference_id": "RHSA-2025:1133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1135", "reference_id": "RHSA-2025:1135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1136", "reference_id": "RHSA-2025:1136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1137", "reference_id": "RHSA-2025:1137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1138", "reference_id": "RHSA-2025:1138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1139", "reference_id": "RHSA-2025:1139", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1139" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1140", "reference_id": "RHSA-2025:1140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1184", "reference_id": "RHSA-2025:1184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1283", "reference_id": "RHSA-2025:1283", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1283" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1292", "reference_id": "RHSA-2025:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1317", "reference_id": "RHSA-2025:1317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1318", "reference_id": "RHSA-2025:1318", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1318" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1319", "reference_id": "RHSA-2025:1319", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1319" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1339", "reference_id": "RHSA-2025:1339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1340", "reference_id": "RHSA-2025:1340", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1340" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1341", "reference_id": "RHSA-2025:1341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1348", "reference_id": "RHSA-2025:1348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1348" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1936454", "reference_id": "show_bug.cgi?id=1936454", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-05T19:01:33Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1936454" }, { "reference_url": "https://usn.ubuntu.com/7263-1/", "reference_id": "USN-7263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7263-1/" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-1011" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u9tm-qdjs-abeb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/745?format=api", "vulnerability_id": "VCID-ubk2-785h-5kct", "summary": "Script elements loading cross-origin resources generated load and error events which leaked information enabling XS-Leaks attacks.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5266.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5266.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5266", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00434", "scoring_system": "epss", "scoring_elements": "0.63228", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5266" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5266", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5266" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368755", "reference_id": "2368755", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368755" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42", "reference_id": "mfsa2025-42", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-42/", "reference_id": "mfsa2025-42", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T14:44:04Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-42/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-44/", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T14:44:04Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-44/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45", "reference_id": "mfsa2025-45", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-45/", "reference_id": "mfsa2025-45", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T14:44:04Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-45/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-46/", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T14:44:04Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-46/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8293", "reference_id": "RHSA-2025:8293", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8293" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8308", "reference_id": "RHSA-2025:8308", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8308" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8341", "reference_id": "RHSA-2025:8341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8598", "reference_id": "RHSA-2025:8598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8599", "reference_id": "RHSA-2025:8599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8607", "reference_id": "RHSA-2025:8607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8607" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8608", "reference_id": "RHSA-2025:8608", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8608" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8628", "reference_id": "RHSA-2025:8628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8629", "reference_id": "RHSA-2025:8629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8630", "reference_id": "RHSA-2025:8630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8631", "reference_id": "RHSA-2025:8631", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8642", "reference_id": "RHSA-2025:8642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8756", "reference_id": "RHSA-2025:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9071", "reference_id": "RHSA-2025:9071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9071" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9072", "reference_id": "RHSA-2025:9072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9073", "reference_id": "RHSA-2025:9073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9074", "reference_id": "RHSA-2025:9074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9075", "reference_id": "RHSA-2025:9075", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9075" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9076", "reference_id": "RHSA-2025:9076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9077", "reference_id": "RHSA-2025:9077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9155", "reference_id": "RHSA-2025:9155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9155" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1965628", "reference_id": "show_bug.cgi?id=1965628", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T14:44:04Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1965628" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-5266" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ubk2-785h-5kct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/331?format=api", "vulnerability_id": "VCID-uf15-ve5u-p3b7", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2761.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2761.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2761", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34622", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2761" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2761", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2761" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442309", "reference_id": "2442309", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442309" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:52:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-14/", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:52:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:52:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:52:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:52:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2011063", "reference_id": "show_bug.cgi?id=2011063", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T15:52:27Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2011063" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2761" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uf15-ve5u-p3b7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/707?format=api", "vulnerability_id": "VCID-ufgu-u7ss-pfd5", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10528.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10528.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10528", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32063", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10528" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395755", "reference_id": "2395755", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395755" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-73", "reference_id": "mfsa2025-73", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-73" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-73/", "reference_id": "mfsa2025-73", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T18:02:06Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-73/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-75", "reference_id": "mfsa2025-75", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-75" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-75/", "reference_id": "mfsa2025-75", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T18:02:06Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-75/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-77", "reference_id": "mfsa2025-77", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-77" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-77/", "reference_id": "mfsa2025-77", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T18:02:06Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-77/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-78", "reference_id": "mfsa2025-78", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-78" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-78/", "reference_id": "mfsa2025-78", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T18:02:06Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-78/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16108", "reference_id": "RHSA-2025:16108", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16108" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16109", "reference_id": "RHSA-2025:16109", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16109" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16156", "reference_id": "RHSA-2025:16156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16157", "reference_id": "RHSA-2025:16157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16260", "reference_id": "RHSA-2025:16260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16589", "reference_id": "RHSA-2025:16589", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16589" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17340", "reference_id": "RHSA-2025:17340", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17340" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17341", "reference_id": "RHSA-2025:17341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17342", "reference_id": "RHSA-2025:17342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17343", "reference_id": "RHSA-2025:17343", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17343" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17344", "reference_id": "RHSA-2025:17344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17345", "reference_id": "RHSA-2025:17345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17345" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17346", "reference_id": "RHSA-2025:17346", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17367", "reference_id": "RHSA-2025:17367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17368", "reference_id": "RHSA-2025:17368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17371", "reference_id": "RHSA-2025:17371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17372", "reference_id": "RHSA-2025:17372", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17372" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17373", "reference_id": "RHSA-2025:17373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17374", "reference_id": "RHSA-2025:17374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17378", "reference_id": "RHSA-2025:17378", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17453", "reference_id": "RHSA-2025:17453", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17453" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1986185", "reference_id": "show_bug.cgi?id=1986185", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T18:02:06Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1986185" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-10528" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ufgu-u7ss-pfd5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/295?format=api", "vulnerability_id": "VCID-uhv8-3f5a-1bfw", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4698.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4698.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4698", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12476", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4698" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4698", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4698" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450719", "reference_id": "2450719", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450719" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T03:55:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-21" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-21/", "reference_id": "mfsa2026-21", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T03:55:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-21/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T03:55:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T03:55:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T03:55:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2020906", "reference_id": "show_bug.cgi?id=2020906", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T03:55:50Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2020906" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4698" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uhv8-3f5a-1bfw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82?format=api", "vulnerability_id": "VCID-un91-2e6u-nkdy", "summary": "A double-free issue could have occurred in `sec_pkcs7_decoder_start_decrypt()` when handling an error path. Under specific conditions, the same symmetric key could have been freed twice, potentially leading to memory corruption.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11704.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11704.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11704", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00271", "scoring_system": "epss", "scoring_elements": "0.50818", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11704" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11704", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11704" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328942", "reference_id": "2328942", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328942" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-63/", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:21:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-63/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-67/", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:21:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-67/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-09", "reference_id": "mfsa2025-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-09/", "reference_id": "mfsa2025-09", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:21:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-09/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-10", "reference_id": "mfsa2025-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-10/", "reference_id": "mfsa2025-10", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:21:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-10/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1899402", "reference_id": "show_bug.cgi?id=1899402", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:21:47Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1899402" }, { "reference_url": "https://usn.ubuntu.com/7134-1/", "reference_id": "USN-7134-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7134-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2024-11704" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-un91-2e6u-nkdy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/336?format=api", "vulnerability_id": "VCID-unwj-4n5m-w7d4", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2766.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2766.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2766", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.07088", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2766" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2766", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2766" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442294", "reference_id": "2442294", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442294" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:31:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:31:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:31:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:31:58Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013583", "reference_id": "show_bug.cgi?id=2013583", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:31:58Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013583" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2766" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-unwj-4n5m-w7d4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/339?format=api", "vulnerability_id": "VCID-uw3f-xkcu-bqak", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2769.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2769.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2769", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06284", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2769" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2769", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2769" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442295", "reference_id": "2442295", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442295" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-24T14:20:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-14/", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-24T14:20:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-24T14:20:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-24T14:20:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-24T14:20:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014550", "reference_id": "show_bug.cgi?id=2014550", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-24T14:20:50Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014550" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2769" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uw3f-xkcu-bqak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/364?format=api", "vulnerability_id": "VCID-v3pa-2j5z-dfeu", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8090.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8090.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8090", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05993", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8090" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8090", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8090" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467709", "reference_id": "2467709", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467709" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-40", "reference_id": "mfsa2026-40", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-40" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-40/", "reference_id": "mfsa2026-40", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T13:49:35Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-40/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-41", "reference_id": "mfsa2026-41", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-41" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-41/", "reference_id": "mfsa2026-41", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T13:49:35Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-41/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-42", "reference_id": "mfsa2026-42", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-42" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-42/", "reference_id": "mfsa2026-42", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T13:49:35Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-42/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-43", "reference_id": "mfsa2026-43", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-43" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-43/", "reference_id": "mfsa2026-43", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T13:49:35Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-43/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-44", "reference_id": "mfsa2026-44", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-44/", "reference_id": "mfsa2026-44", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T13:49:35Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-44/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19160", "reference_id": "RHSA-2026:19160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:20566", "reference_id": "RHSA-2026:20566", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:20566" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:20574", "reference_id": "RHSA-2026:20574", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:20574" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2034352", "reference_id": "show_bug.cgi?id=2034352", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T13:49:35Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2034352" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-8090" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v3pa-2j5z-dfeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/438?format=api", "vulnerability_id": "VCID-v6jv-zedv-u7fy", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6751.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6751.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6751", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19915", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6751" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460109", "reference_id": "2460109", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460109" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:56:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-32/", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:56:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-32/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:56:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-34/", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:56:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-34/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10757", "reference_id": "RHSA-2026:10757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10766", "reference_id": "RHSA-2026:10766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10767", "reference_id": "RHSA-2026:10767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12285", "reference_id": "RHSA-2026:12285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13537", "reference_id": "RHSA-2026:13537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15892", "reference_id": "RHSA-2026:15892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17477", "reference_id": "RHSA-2026:17477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17687", "reference_id": "RHSA-2026:17687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17688", "reference_id": "RHSA-2026:17688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17689", "reference_id": "RHSA-2026:17689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17690", "reference_id": "RHSA-2026:17690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19041", "reference_id": "RHSA-2026:19041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19131", "reference_id": "RHSA-2026:19131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19201", "reference_id": "RHSA-2026:19201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19461", "reference_id": "RHSA-2026:19461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19462", "reference_id": "RHSA-2026:19462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19463", "reference_id": "RHSA-2026:19463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19464", "reference_id": "RHSA-2026:19464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19465", "reference_id": "RHSA-2026:19465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19466", "reference_id": "RHSA-2026:19466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19467", "reference_id": "RHSA-2026:19467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19468", "reference_id": "RHSA-2026:19468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19469", "reference_id": "RHSA-2026:19469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19542", "reference_id": "RHSA-2026:19542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19655", "reference_id": "RHSA-2026:19655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19704", "reference_id": "RHSA-2026:19704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19704" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2025883", "reference_id": "show_bug.cgi?id=2025883", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T16:56:18Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2025883" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-6751" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v6jv-zedv-u7fy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/400?format=api", "vulnerability_id": "VCID-vdhr-htd7-4ub1", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0877.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0877.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0877", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08601", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0877" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428969", "reference_id": "2428969", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428969" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-01", "reference_id": "mfsa2026-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-01/", "reference_id": "mfsa2026-01", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:24:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-02", "reference_id": "mfsa2026-02", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-02/", "reference_id": "mfsa2026-02", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:24:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-03", "reference_id": "mfsa2026-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-03/", "reference_id": "mfsa2026-03", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:24:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-03/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-04", "reference_id": "mfsa2026-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-04/", "reference_id": "mfsa2026-04", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:24:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-05", "reference_id": "mfsa2026-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-05/", "reference_id": "mfsa2026-05", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:24:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0667", "reference_id": "RHSA-2026:0667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0694", "reference_id": "RHSA-2026:0694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0924", "reference_id": "RHSA-2026:0924", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0924" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1320", "reference_id": "RHSA-2026:1320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1413", "reference_id": "RHSA-2026:1413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1413" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1414", "reference_id": "RHSA-2026:1414", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1415", "reference_id": "RHSA-2026:1415", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1415" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1461", "reference_id": "RHSA-2026:1461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1462", "reference_id": "RHSA-2026:1462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1471", "reference_id": "RHSA-2026:1471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1487", "reference_id": "RHSA-2026:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2041", "reference_id": "RHSA-2026:2041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2043", "reference_id": "RHSA-2026:2043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2043" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2044", "reference_id": "RHSA-2026:2044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2047", "reference_id": "RHSA-2026:2047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2069", "reference_id": "RHSA-2026:2069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2070", "reference_id": "RHSA-2026:2070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2073", "reference_id": "RHSA-2026:2073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2074", "reference_id": "RHSA-2026:2074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2220", "reference_id": "RHSA-2026:2220", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2220" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2231", "reference_id": "RHSA-2026:2231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2271", "reference_id": "RHSA-2026:2271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2286", "reference_id": "RHSA-2026:2286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2286" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1999257", "reference_id": "show_bug.cgi?id=1999257", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-13T15:24:18Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1999257" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-0877" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vdhr-htd7-4ub1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/765?format=api", "vulnerability_id": "VCID-vgb8-wp23-3qaj", "summary": "On 64-bit platforms IonMonkey-JIT only wrote 32 bits of the 64-bit return value space on the stack. Baseline-JIT, however, read the entire 64 bits.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8027.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8027.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8027", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00489", "scoring_system": "epss", "scoring_elements": "0.65895", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8027" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8027", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8027" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2382707", "reference_id": "2382707", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2382707" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-56", "reference_id": "mfsa2025-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-56/", "reference_id": "mfsa2025-56", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:42:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-56/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-57", "reference_id": "mfsa2025-57", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-57" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-57/", "reference_id": "mfsa2025-57", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:42:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-57/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-58", "reference_id": "mfsa2025-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-58" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-58/", "reference_id": "mfsa2025-58", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:42:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-58/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-59", "reference_id": "mfsa2025-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-59/", "reference_id": "mfsa2025-59", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:42:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-59/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-61", "reference_id": "mfsa2025-61", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-61" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-61/", "reference_id": "mfsa2025-61", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:42:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-61/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-62", "reference_id": "mfsa2025-62", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-62" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-62/", "reference_id": "mfsa2025-62", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:42:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-62/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-63", "reference_id": "mfsa2025-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-63/", "reference_id": "mfsa2025-63", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:42:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-63/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11747", "reference_id": "RHSA-2025:11747", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11747" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11748", "reference_id": "RHSA-2025:11748", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11748" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11797", "reference_id": "RHSA-2025:11797", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11797" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12044", "reference_id": "RHSA-2025:12044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12045", "reference_id": "RHSA-2025:12045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12046", "reference_id": "RHSA-2025:12046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12187", "reference_id": "RHSA-2025:12187", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12187" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12188", "reference_id": "RHSA-2025:12188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12278", "reference_id": "RHSA-2025:12278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12302", "reference_id": "RHSA-2025:12302", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12302" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12353", "reference_id": "RHSA-2025:12353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12360", "reference_id": "RHSA-2025:12360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12361", "reference_id": "RHSA-2025:12361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13645", "reference_id": "RHSA-2025:13645", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13645" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13646", "reference_id": "RHSA-2025:13646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13647", "reference_id": "RHSA-2025:13647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13648", "reference_id": "RHSA-2025:13648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13649", "reference_id": "RHSA-2025:13649", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13649" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13650", "reference_id": "RHSA-2025:13650", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13650" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13651", "reference_id": "RHSA-2025:13651", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13651" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13676", "reference_id": "RHSA-2025:13676", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13676" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1968423", "reference_id": "show_bug.cgi?id=1968423", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T13:42:23Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1968423" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-8027" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vgb8-wp23-3qaj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/834?format=api", "vulnerability_id": "VCID-vgp1-72ck-gqb3", "summary": "Memory safety bugs present in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4091.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4091.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4091", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.55581", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4091" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4091", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4091" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362912", "reference_id": "2362912", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362912" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1951161%2C1952105", "reference_id": "buglist.cgi?bug_id=1951161%2C1952105", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T15:36:41Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1951161%2C1952105" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-28", "reference_id": "mfsa2025-28", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-28" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-28/", "reference_id": "mfsa2025-28", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T15:36:41Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-28/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-29", "reference_id": "mfsa2025-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-29/", "reference_id": "mfsa2025-29", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T15:36:41Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-31", "reference_id": "mfsa2025-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-31" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-31/", "reference_id": "mfsa2025-31", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T15:36:41Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-31/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-32", "reference_id": "mfsa2025-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-32/", "reference_id": "mfsa2025-32", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T15:36:41Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-32/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4443", "reference_id": "RHSA-2025:4443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4458", "reference_id": "RHSA-2025:4458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4460", "reference_id": "RHSA-2025:4460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4460" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4751", "reference_id": "RHSA-2025:4751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4751" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4752", "reference_id": "RHSA-2025:4752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4753", "reference_id": "RHSA-2025:4753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4756", "reference_id": "RHSA-2025:4756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4797", "reference_id": "RHSA-2025:4797", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4797" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7428", "reference_id": "RHSA-2025:7428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7506", "reference_id": "RHSA-2025:7506", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7506" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7507", "reference_id": "RHSA-2025:7507", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7507" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7543", "reference_id": "RHSA-2025:7543", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7543" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7544", "reference_id": "RHSA-2025:7544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7545", "reference_id": "RHSA-2025:7545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7547", "reference_id": "RHSA-2025:7547", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7547" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7689", "reference_id": "RHSA-2025:7689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7690", "reference_id": "RHSA-2025:7690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7691", "reference_id": "RHSA-2025:7691", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7691" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7692", "reference_id": "RHSA-2025:7692", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7692" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7693", "reference_id": "RHSA-2025:7693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7694", "reference_id": "RHSA-2025:7694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7695", "reference_id": "RHSA-2025:7695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7695" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-4091" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vgp1-72ck-gqb3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/113?format=api", "vulnerability_id": "VCID-vrkn-6p96-ykft", "summary": "By sending a specially crafted push message, a remote server could have hung the parent process, causing the browser to become unresponsive.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10466.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10466.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10466", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00669", "scoring_system": "epss", "scoring_elements": "0.71772", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10466" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10466", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10466" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322438", "reference_id": "2322438", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322438" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-55/", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-56/", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-58/", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-59/", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8720", "reference_id": "RHSA-2024:8720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8721", "reference_id": "RHSA-2024:8721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8722", "reference_id": "RHSA-2024:8722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8723", "reference_id": "RHSA-2024:8723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8724", "reference_id": "RHSA-2024:8724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8725", "reference_id": "RHSA-2024:8725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8726", "reference_id": "RHSA-2024:8726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8727", "reference_id": "RHSA-2024:8727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8728", "reference_id": "RHSA-2024:8728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8729", "reference_id": "RHSA-2024:8729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8790", "reference_id": "RHSA-2024:8790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8793", "reference_id": "RHSA-2024:8793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8793" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9015", "reference_id": "RHSA-2024:9015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9016", "reference_id": "RHSA-2024:9016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9017", "reference_id": "RHSA-2024:9017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9018", "reference_id": "RHSA-2024:9018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9019", "reference_id": "RHSA-2024:9019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9552", "reference_id": "RHSA-2024:9552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9554", "reference_id": "RHSA-2024:9554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9554" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1924154", "reference_id": "show_bug.cgi?id=1924154", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1924154" }, { "reference_url": "https://usn.ubuntu.com/7086-1/", "reference_id": "USN-7086-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7086-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2024-10466" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vrkn-6p96-ykft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/708?format=api", "vulnerability_id": "VCID-vwkh-sy41-67e5", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10529.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10529.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10529", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25206", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10529" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395756", "reference_id": "2395756", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395756" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-73", "reference_id": "mfsa2025-73", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-73" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-73/", "reference_id": "mfsa2025-73", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T17:44:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-73/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-75", "reference_id": "mfsa2025-75", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-75" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-75/", "reference_id": "mfsa2025-75", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T17:44:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-75/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-77", "reference_id": "mfsa2025-77", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-77" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-77/", "reference_id": "mfsa2025-77", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T17:44:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-77/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-78", "reference_id": "mfsa2025-78", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-78" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-78/", "reference_id": "mfsa2025-78", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T17:44:09Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-78/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16108", "reference_id": "RHSA-2025:16108", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16108" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16109", "reference_id": "RHSA-2025:16109", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16109" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16156", "reference_id": "RHSA-2025:16156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16157", "reference_id": "RHSA-2025:16157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16260", "reference_id": "RHSA-2025:16260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16589", "reference_id": "RHSA-2025:16589", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16589" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17340", "reference_id": "RHSA-2025:17340", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17340" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17341", "reference_id": "RHSA-2025:17341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17342", "reference_id": "RHSA-2025:17342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17343", "reference_id": "RHSA-2025:17343", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17343" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17344", "reference_id": "RHSA-2025:17344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17345", "reference_id": "RHSA-2025:17345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17345" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17346", "reference_id": "RHSA-2025:17346", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17367", "reference_id": "RHSA-2025:17367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17368", "reference_id": "RHSA-2025:17368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17371", "reference_id": "RHSA-2025:17371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17372", "reference_id": "RHSA-2025:17372", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17372" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17373", "reference_id": "RHSA-2025:17373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17374", "reference_id": "RHSA-2025:17374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17378", "reference_id": "RHSA-2025:17378", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17453", "reference_id": "RHSA-2025:17453", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17453" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1970490", "reference_id": "show_bug.cgi?id=1970490", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T17:44:09Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1970490" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-10529" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vwkh-sy41-67e5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/399?format=api", "vulnerability_id": "VCID-vzpq-6jd2-duhf", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2447.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2447.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2447", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05385", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2447" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128283", "reference_id": "1128283", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128283" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440219", "reference_id": "2440219", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440219" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-10", "reference_id": "mfsa2026-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-10/", "reference_id": "mfsa2026-10", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-17T14:52:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-10/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-11", "reference_id": "mfsa2026-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-11/", "reference_id": "mfsa2026-11", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-17T14:52:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-11/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:16174", "reference_id": "RHSA-2026:16174", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:16174" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3967", "reference_id": "RHSA-2026:3967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3967" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4447", "reference_id": "RHSA-2026:4447", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4447" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4629", "reference_id": "RHSA-2026:4629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5227", "reference_id": "RHSA-2026:5227", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5227" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5228", "reference_id": "RHSA-2026:5228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5229", "reference_id": "RHSA-2026:5229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5230", "reference_id": "RHSA-2026:5230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5231", "reference_id": "RHSA-2026:5231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5319", "reference_id": "RHSA-2026:5319", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5319" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5320", "reference_id": "RHSA-2026:5320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5323", "reference_id": "RHSA-2026:5323", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5323" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5324", "reference_id": "RHSA-2026:5324", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5324" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5326", "reference_id": "RHSA-2026:5326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8746", "reference_id": "RHSA-2026:8746", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8746" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8747", "reference_id": "RHSA-2026:8747", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8747" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8748", "reference_id": "RHSA-2026:8748", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8748" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014390", "reference_id": "show_bug.cgi?id=2014390", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-17T14:52:59Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014390" }, { "reference_url": "https://usn.ubuntu.com/8053-1/", "reference_id": "USN-8053-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8053-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2447" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vzpq-6jd2-duhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/106?format=api", "vulnerability_id": "VCID-w1uv-az6r-qqcu", "summary": "The origin of an external protocol handler prompt could have been obscured using a data: URL within an iframe.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10460.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10460.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10460", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00419", "scoring_system": "epss", "scoring_elements": "0.62255", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10460" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10460", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10460" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322444", "reference_id": "2322444", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322444" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-55/", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-56/", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-58/", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-59/", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8720", "reference_id": "RHSA-2024:8720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8721", "reference_id": "RHSA-2024:8721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8722", "reference_id": "RHSA-2024:8722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8723", "reference_id": "RHSA-2024:8723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8724", "reference_id": "RHSA-2024:8724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8725", "reference_id": "RHSA-2024:8725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8726", "reference_id": "RHSA-2024:8726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8727", "reference_id": "RHSA-2024:8727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8728", "reference_id": "RHSA-2024:8728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8729", "reference_id": "RHSA-2024:8729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8790", "reference_id": "RHSA-2024:8790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8793", "reference_id": "RHSA-2024:8793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8793" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9015", "reference_id": "RHSA-2024:9015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9016", "reference_id": "RHSA-2024:9016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9017", "reference_id": "RHSA-2024:9017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9018", "reference_id": "RHSA-2024:9018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9019", "reference_id": "RHSA-2024:9019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9552", "reference_id": "RHSA-2024:9552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9554", "reference_id": "RHSA-2024:9554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9554" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1912537", "reference_id": "show_bug.cgi?id=1912537", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1912537" }, { "reference_url": "https://usn.ubuntu.com/7086-1/", "reference_id": "USN-7086-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7086-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2024-10460" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w1uv-az6r-qqcu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/392?format=api", "vulnerability_id": "VCID-waeb-qs91-4kbt", "summary": "Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5731.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5731.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5731", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21869", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5731" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455901", "reference_id": "2455901", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455901" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-25", "reference_id": "mfsa2026-25", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-25" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-25/", "reference_id": "mfsa2026-25", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-25/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-26", "reference_id": "mfsa2026-26", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-26" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-26/", "reference_id": "mfsa2026-26", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-26/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-27", "reference_id": "mfsa2026-27", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-27" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-27/", "reference_id": "mfsa2026-27", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-27/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-28", "reference_id": "mfsa2026-28", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-28" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-28/", "reference_id": "mfsa2026-28", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-28/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-29", "reference_id": "mfsa2026-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-29/", "reference_id": "mfsa2026-29", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-08T03:55:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-29/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11805", "reference_id": "RHSA-2026:11805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11813", "reference_id": "RHSA-2026:11813", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11813" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12264", "reference_id": "RHSA-2026:12264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13342", "reference_id": "RHSA-2026:13342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13412", "reference_id": "RHSA-2026:13412", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13412" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13533", "reference_id": "RHSA-2026:13533", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13533" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13582", "reference_id": "RHSA-2026:13582", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13582" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13583", "reference_id": "RHSA-2026:13583", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13583" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13596", "reference_id": "RHSA-2026:13596", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13596" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13600", "reference_id": "RHSA-2026:13600", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13600" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13665", "reference_id": "RHSA-2026:13665", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13665" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13682", "reference_id": "RHSA-2026:13682", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13682" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13683", "reference_id": "RHSA-2026:13683", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13683" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13922", "reference_id": "RHSA-2026:13922", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13977", "reference_id": "RHSA-2026:13977", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13977" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14223", "reference_id": "RHSA-2026:14223", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14223" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14303", "reference_id": "RHSA-2026:14303", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14303" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15889", "reference_id": "RHSA-2026:15889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7671", "reference_id": "RHSA-2026:7671", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7671" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7672", "reference_id": "RHSA-2026:7672", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7672" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8052", "reference_id": "RHSA-2026:8052", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8052" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8459", "reference_id": "RHSA-2026:8459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9345", "reference_id": "RHSA-2026:9345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9345" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9638", "reference_id": "RHSA-2026:9638", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9638" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-5731" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-waeb-qs91-4kbt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/857?format=api", "vulnerability_id": "VCID-wf48-836h-53h5", "summary": "Memory safety bugs present in Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11715.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11715.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11715", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20073", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11715" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11715", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11715" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403774", "reference_id": "2403774", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403774" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1983838%2C1987624%2C1988244%2C1988912%2C1989734%2C1990085%2C1991899", "reference_id": "buglist.cgi?bug_id=1983838%2C1987624%2C1988244%2C1988912%2C1989734%2C1990085%2C1991899", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:16Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1983838%2C1987624%2C1988244%2C1988912%2C1989734%2C1990085%2C1991899" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-81/", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:16Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-81/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-83/", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:16Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-83/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-84/", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:16Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-84/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-85/", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:16Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-85/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18154", "reference_id": "RHSA-2025:18154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18155", "reference_id": "RHSA-2025:18155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18285", "reference_id": "RHSA-2025:18285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18320", "reference_id": "RHSA-2025:18320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18321", "reference_id": "RHSA-2025:18321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18983", "reference_id": "RHSA-2025:18983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19278", "reference_id": "RHSA-2025:19278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19938", "reference_id": "RHSA-2025:19938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19939", "reference_id": "RHSA-2025:19939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19941", "reference_id": "RHSA-2025:19941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19942", "reference_id": "RHSA-2025:19942", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19942" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19943", "reference_id": "RHSA-2025:19943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19944", "reference_id": "RHSA-2025:19944", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19944" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19945", "reference_id": "RHSA-2025:19945", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19945" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21054", "reference_id": "RHSA-2025:21054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21055", "reference_id": "RHSA-2025:21055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21056", "reference_id": "RHSA-2025:21056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21056" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21057", "reference_id": "RHSA-2025:21057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21058", "reference_id": "RHSA-2025:21058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21059", "reference_id": "RHSA-2025:21059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21064", "reference_id": "RHSA-2025:21064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21064" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-11715" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wf48-836h-53h5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/799?format=api", "vulnerability_id": "VCID-wpsg-9gf7-13dr", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14330.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14330.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14330", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24375", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14330" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14330", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14330" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420516", "reference_id": "2420516", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420516" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-92", "reference_id": "mfsa2025-92", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-92" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-92/", "reference_id": "mfsa2025-92", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T20:35:46Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-92/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-94", "reference_id": "mfsa2025-94", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-94" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-94/", "reference_id": "mfsa2025-94", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T20:35:46Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-94/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-95", "reference_id": "mfsa2025-95", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-95" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-95/", "reference_id": "mfsa2025-95", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T20:35:46Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-95/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-96", "reference_id": "mfsa2025-96", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-96" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-96/", "reference_id": "mfsa2025-96", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T20:35:46Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-96/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23034", "reference_id": "RHSA-2025:23034", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23034" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23035", "reference_id": "RHSA-2025:23035", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23035" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23128", "reference_id": "RHSA-2025:23128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23856", "reference_id": "RHSA-2025:23856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0003", "reference_id": "RHSA-2026:0003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0004", "reference_id": "RHSA-2026:0004", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0005", "reference_id": "RHSA-2026:0005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0006", "reference_id": "RHSA-2026:0006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0007", "reference_id": "RHSA-2026:0007", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0007" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0013", "reference_id": "RHSA-2026:0013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0014", "reference_id": "RHSA-2026:0014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0015", "reference_id": "RHSA-2026:0015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0016", "reference_id": "RHSA-2026:0016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0017", "reference_id": "RHSA-2026:0017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0018", "reference_id": "RHSA-2026:0018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0019", "reference_id": "RHSA-2026:0019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0020", "reference_id": "RHSA-2026:0020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0021", "reference_id": "RHSA-2026:0021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0022", "reference_id": "RHSA-2026:0022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0023", "reference_id": "RHSA-2026:0023", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0023" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0024", "reference_id": "RHSA-2026:0024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0024" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0025", "reference_id": "RHSA-2026:0025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0026", "reference_id": "RHSA-2026:0026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0124", "reference_id": "RHSA-2026:0124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0127", "reference_id": "RHSA-2026:0127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0127" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1997503", "reference_id": "show_bug.cgi?id=1997503", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-11T20:35:46Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1997503" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-14330" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wpsg-9gf7-13dr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/348?format=api", "vulnerability_id": "VCID-wr79-ta1b-hyer", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2778.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2778.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2778", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08653", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2778" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2778" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442335", "reference_id": "2442335", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442335" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:17:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-14/", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:17:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:17:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:17:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:17:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016358", "reference_id": "show_bug.cgi?id=2016358", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:17:17Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016358" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2778" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wr79-ta1b-hyer" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80?format=api", "vulnerability_id": "VCID-wzux-r3fv-fyg9", "summary": "The application failed to account for exceptions thrown by the `loadManifestFromFile` method during add-on signature verification. This flaw, triggered by an invalid or unsupported extension manifest, could have caused runtime errors that disrupted the signature validation process. As a result, the enforcement of signature validation for unrelated add-ons may have been bypassed. Signature validation in this context is used to ensure that third-party applications on the user's computer have not tampered with the user's extensions, limiting the impact of this issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11696.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11696.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11696", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.1785", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11696" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11696", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11696" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328943", "reference_id": "2328943", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328943" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-63/", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T17:02:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-63/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-64/", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T17:02:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-64/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-67/", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T17:02:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-67/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-68/", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T17:02:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-68/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10591", "reference_id": "RHSA-2024:10591", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10591" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10592", "reference_id": "RHSA-2024:10592", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10592" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10667", "reference_id": "RHSA-2024:10667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10702", "reference_id": "RHSA-2024:10702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10703", "reference_id": "RHSA-2024:10703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10704", "reference_id": "RHSA-2024:10704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10710", "reference_id": "RHSA-2024:10710", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10710" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10733", "reference_id": "RHSA-2024:10733", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10733" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10734", "reference_id": "RHSA-2024:10734", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10734" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10742", "reference_id": "RHSA-2024:10742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10743", "reference_id": "RHSA-2024:10743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10745", "reference_id": "RHSA-2024:10745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10748", "reference_id": "RHSA-2024:10748", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10748" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10752", "reference_id": "RHSA-2024:10752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10844", "reference_id": "RHSA-2024:10844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10848", "reference_id": "RHSA-2024:10848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10849", "reference_id": "RHSA-2024:10849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10880", "reference_id": "RHSA-2024:10880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10881", "reference_id": "RHSA-2024:10881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18479", "reference_id": "RHSA-2026:18479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18479" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1929600", "reference_id": "show_bug.cgi?id=1929600", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T17:02:13Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1929600" }, { "reference_url": "https://usn.ubuntu.com/7134-1/", "reference_id": "USN-7134-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7134-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2024-11696" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wzux-r3fv-fyg9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/343?format=api", "vulnerability_id": "VCID-x7kn-h4ce-vqaj", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2773.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2773.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2773", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.0884", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2773" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442319", "reference_id": "2442319", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442319" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:37:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-14/", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:37:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:37:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:37:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:37:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014832", "reference_id": "show_bug.cgi?id=2014832", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T02:37:52Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014832" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2773" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x7kn-h4ce-vqaj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/361?format=api", "vulnerability_id": "VCID-xf1n-uj49-p3fx", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2791.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2791.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2791", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08409", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2791" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442342", "reference_id": "2442342", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442342" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:10:15Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:10:15Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:10:15Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:10:15Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015220", "reference_id": "show_bug.cgi?id=2015220", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:10:15Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015220" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2791" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xf1n-uj49-p3fx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/337?format=api", "vulnerability_id": "VCID-xhh4-thp4-fyff", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2767.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2767.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2767", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17939", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2767" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442328", "reference_id": "2442328", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442328" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:10:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:10:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:10:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:10:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013741", "reference_id": "show_bug.cgi?id=2013741", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:10:23Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013741" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2767" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xhh4-thp4-fyff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/777?format=api", "vulnerability_id": "VCID-xney-87gm-53g3", "summary": "Parsing a JavaScript module as JSON could under some circumstances cause cross-compartment access, which may result in a use-after-free.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0240.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0240.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0240", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.15359", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0240" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0240", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0240" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336188", "reference_id": "2336188", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336188" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-02/", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-04/", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-05/", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0080", "reference_id": "RHSA-2025:0080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0132", "reference_id": "RHSA-2025:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0133", "reference_id": "RHSA-2025:0133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0134", "reference_id": "RHSA-2025:0134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0135", "reference_id": "RHSA-2025:0135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0136", "reference_id": "RHSA-2025:0136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0137", "reference_id": "RHSA-2025:0137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0138", "reference_id": "RHSA-2025:0138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0144", "reference_id": "RHSA-2025:0144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0147", "reference_id": "RHSA-2025:0147", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0147" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0162", "reference_id": "RHSA-2025:0162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0165", "reference_id": "RHSA-2025:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0166", "reference_id": "RHSA-2025:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0167", "reference_id": "RHSA-2025:0167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0275", "reference_id": "RHSA-2025:0275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0281", "reference_id": "RHSA-2025:0281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0284", "reference_id": "RHSA-2025:0284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0286", "reference_id": "RHSA-2025:0286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0287", "reference_id": "RHSA-2025:0287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0287" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1929623", "reference_id": "show_bug.cgi?id=1929623", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1929623" }, { "reference_url": "https://usn.ubuntu.com/7191-1/", "reference_id": "USN-7191-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7191-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-0240" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xney-87gm-53g3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/692?format=api", "vulnerability_id": "VCID-xns8-z4be-r3bs", "summary": "Memory safety bugs present in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3030.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3030.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3030", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46964", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3030" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3030", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3030" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2356563", "reference_id": "2356563", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2356563" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1850615%2C1932468%2C1942551%2C1951017%2C1951494", "reference_id": "buglist.cgi?bug_id=1850615%2C1932468%2C1942551%2C1951017%2C1951494", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-02T03:55:42Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1850615%2C1932468%2C1942551%2C1951017%2C1951494" }, { "reference_url": "https://security.gentoo.org/glsa/202505-02", "reference_id": "GLSA-202505-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-02" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-20", "reference_id": "mfsa2025-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-20/", "reference_id": "mfsa2025-20", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-02T03:55:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-22", "reference_id": "mfsa2025-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-22/", "reference_id": "mfsa2025-22", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-02T03:55:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-23", "reference_id": "mfsa2025-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-23/", "reference_id": "mfsa2025-23", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-02T03:55:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-24", "reference_id": "mfsa2025-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-24/", "reference_id": "mfsa2025-24", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-02T03:55:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3556", "reference_id": "RHSA-2025:3556", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3556" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3581", "reference_id": "RHSA-2025:3581", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3581" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3582", "reference_id": "RHSA-2025:3582", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3582" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3587", "reference_id": "RHSA-2025:3587", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3587" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3589", "reference_id": "RHSA-2025:3589", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3589" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3590", "reference_id": "RHSA-2025:3590", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3590" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3620", "reference_id": "RHSA-2025:3620", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3620" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3621", "reference_id": "RHSA-2025:3621", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3621" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3623", "reference_id": "RHSA-2025:3623", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3623" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3628", "reference_id": "RHSA-2025:3628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4026", "reference_id": "RHSA-2025:4026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4027", "reference_id": "RHSA-2025:4027", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4027" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4028", "reference_id": "RHSA-2025:4028", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4028" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4029", "reference_id": "RHSA-2025:4029", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4029" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4030", "reference_id": "RHSA-2025:4030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4031", "reference_id": "RHSA-2025:4031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4032", "reference_id": "RHSA-2025:4032", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4032" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4169", "reference_id": "RHSA-2025:4169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4170", "reference_id": "RHSA-2025:4170", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7491", "reference_id": "RHSA-2025:7491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7493", "reference_id": "RHSA-2025:7493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7493" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-3030" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xns8-z4be-r3bs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/760?format=api", "vulnerability_id": "VCID-xp44-3pt4-2ue1", "summary": "Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1938.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1938.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1938", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00311", "scoring_system": "epss", "scoring_elements": "0.54587", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1938" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2349793", "reference_id": "2349793", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2349793" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1922889%2C1935004%2C1943586%2C1943912%2C1948111", "reference_id": "buglist.cgi?bug_id=1922889%2C1935004%2C1943586%2C1943912%2C1948111", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:08Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1922889%2C1935004%2C1943586%2C1943912%2C1948111" }, { "reference_url": "https://security.gentoo.org/glsa/202505-02", "reference_id": "GLSA-202505-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-02" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-14", "reference_id": "mfsa2025-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-14/", "reference_id": "mfsa2025-14", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-16", "reference_id": "mfsa2025-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-16/", "reference_id": "mfsa2025-16", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-17", "reference_id": "mfsa2025-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-17/", "reference_id": "mfsa2025-17", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-17/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-18", "reference_id": "mfsa2025-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-18/", "reference_id": "mfsa2025-18", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-18/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2359", "reference_id": "RHSA-2025:2359", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2359" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2452", "reference_id": "RHSA-2025:2452", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2452" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2479", "reference_id": "RHSA-2025:2479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2480", "reference_id": "RHSA-2025:2480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2481", "reference_id": "RHSA-2025:2481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2484", "reference_id": "RHSA-2025:2484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2485", "reference_id": "RHSA-2025:2485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2486", "reference_id": "RHSA-2025:2486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2699", "reference_id": "RHSA-2025:2699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2708", "reference_id": "RHSA-2025:2708", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2708" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2899", "reference_id": "RHSA-2025:2899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2900", "reference_id": "RHSA-2025:2900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2957", "reference_id": "RHSA-2025:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2958", "reference_id": "RHSA-2025:2958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2959", "reference_id": "RHSA-2025:2959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2960", "reference_id": "RHSA-2025:2960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3009", "reference_id": "RHSA-2025:3009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3013", "reference_id": "RHSA-2025:3013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3036", "reference_id": "RHSA-2025:3036", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3036" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-1938" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xp44-3pt4-2ue1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/770?format=api", "vulnerability_id": "VCID-y3je-ddex-xyh3", "summary": "XSLT document loading did not correctly propagate the source document which bypassed its CSP.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8032.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8032.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8032", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55659", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8032" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8032", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8032" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2382718", "reference_id": "2382718", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2382718" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-56", "reference_id": "mfsa2025-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-56/", "reference_id": "mfsa2025-56", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T13:55:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-56/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-58", "reference_id": "mfsa2025-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-58" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-58/", "reference_id": "mfsa2025-58", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T13:55:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-58/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-59", "reference_id": "mfsa2025-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-59/", "reference_id": "mfsa2025-59", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T13:55:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-59/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-61", "reference_id": "mfsa2025-61", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-61" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-61/", "reference_id": "mfsa2025-61", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T13:55:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-61/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-62", "reference_id": "mfsa2025-62", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-62" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-62/", "reference_id": "mfsa2025-62", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T13:55:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-62/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-63", "reference_id": "mfsa2025-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-63/", "reference_id": "mfsa2025-63", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T13:55:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-63/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11747", "reference_id": "RHSA-2025:11747", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11747" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11748", "reference_id": "RHSA-2025:11748", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11748" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11797", "reference_id": "RHSA-2025:11797", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11797" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12044", "reference_id": "RHSA-2025:12044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12045", "reference_id": "RHSA-2025:12045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12046", "reference_id": "RHSA-2025:12046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12187", "reference_id": "RHSA-2025:12187", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12187" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12188", "reference_id": "RHSA-2025:12188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12278", "reference_id": "RHSA-2025:12278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12302", "reference_id": "RHSA-2025:12302", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12302" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12353", "reference_id": "RHSA-2025:12353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12360", "reference_id": "RHSA-2025:12360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12361", "reference_id": "RHSA-2025:12361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13645", "reference_id": "RHSA-2025:13645", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13645" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13646", "reference_id": "RHSA-2025:13646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13647", "reference_id": "RHSA-2025:13647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13648", "reference_id": "RHSA-2025:13648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13649", "reference_id": "RHSA-2025:13649", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13649" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13650", "reference_id": "RHSA-2025:13650", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13650" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13651", "reference_id": "RHSA-2025:13651", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13651" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13676", "reference_id": "RHSA-2025:13676", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13676" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1974407", "reference_id": "show_bug.cgi?id=1974407", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T13:55:17Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1974407" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-8032" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y3je-ddex-xyh3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112?format=api", "vulnerability_id": "VCID-y4xw-cu5j-nbfc", "summary": "A clipboard \"paste\" button could persist across tabs which allowed a spoofing attack.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10465.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10465.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10465", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66431", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10465" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10465", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10465" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322434", "reference_id": "2322434", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322434" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-55/", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-56/", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-58/", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-59/", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8720", "reference_id": "RHSA-2024:8720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8721", "reference_id": "RHSA-2024:8721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8722", "reference_id": "RHSA-2024:8722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8723", "reference_id": "RHSA-2024:8723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8724", "reference_id": "RHSA-2024:8724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8725", "reference_id": "RHSA-2024:8725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8726", "reference_id": "RHSA-2024:8726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8727", "reference_id": "RHSA-2024:8727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8728", "reference_id": "RHSA-2024:8728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8729", "reference_id": "RHSA-2024:8729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8790", "reference_id": "RHSA-2024:8790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8793", "reference_id": "RHSA-2024:8793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8793" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9015", "reference_id": "RHSA-2024:9015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9016", "reference_id": "RHSA-2024:9016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9017", "reference_id": "RHSA-2024:9017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9018", "reference_id": "RHSA-2024:9018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9019", "reference_id": "RHSA-2024:9019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9552", "reference_id": "RHSA-2024:9552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9554", "reference_id": "RHSA-2024:9554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9554" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1918853", "reference_id": "show_bug.cgi?id=1918853", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1918853" }, { "reference_url": "https://usn.ubuntu.com/7086-1/", "reference_id": "USN-7086-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7086-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2024-10465" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y4xw-cu5j-nbfc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/342?format=api", "vulnerability_id": "VCID-y5qy-jwyp-bban", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2772.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2772.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2772", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.06083", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2772" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442326", "reference_id": "2442326", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442326" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-14/", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014827", "reference_id": "show_bug.cgi?id=2014827", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:16:03Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014827" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2772" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y5qy-jwyp-bban" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/754?format=api", "vulnerability_id": "VCID-y6zq-n9uh-8kd2", "summary": "An inconsistent comparator in xslt/txNodeSorter could have resulted in potentially exploitable out-of-bounds access. Only affected version 122 and later.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1932.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1932.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1932", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44615", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1932" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2349796", "reference_id": "2349796", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2349796" }, { "reference_url": "https://security.gentoo.org/glsa/202505-02", "reference_id": "GLSA-202505-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-02" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-14", "reference_id": "mfsa2025-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-14/", "reference_id": "mfsa2025-14", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:05:35Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-16", "reference_id": "mfsa2025-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-16/", "reference_id": "mfsa2025-16", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:05:35Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-17", "reference_id": "mfsa2025-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-17/", "reference_id": "mfsa2025-17", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:05:35Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-17/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-18", "reference_id": "mfsa2025-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-18/", "reference_id": "mfsa2025-18", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:05:35Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-18/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2359", "reference_id": "RHSA-2025:2359", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2359" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2452", "reference_id": "RHSA-2025:2452", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2452" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2479", "reference_id": "RHSA-2025:2479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2480", "reference_id": "RHSA-2025:2480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2481", "reference_id": "RHSA-2025:2481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2484", "reference_id": "RHSA-2025:2484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2485", "reference_id": "RHSA-2025:2485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2486", "reference_id": "RHSA-2025:2486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2699", "reference_id": "RHSA-2025:2699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2708", "reference_id": "RHSA-2025:2708", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2708" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1944313", "reference_id": "show_bug.cgi?id=1944313", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:05:35Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1944313" }, { "reference_url": "https://usn.ubuntu.com/7334-1/", "reference_id": "USN-7334-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7334-1/" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-1932" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y6zq-n9uh-8kd2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/317?format=api", "vulnerability_id": "VCID-y8w8-tc81-ryhr", "summary": "Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4720.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4720.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4720", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07727", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4720" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4720", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4720" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450751", "reference_id": "2450751", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450751" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=2004652%2C2019372%2C2021922%2C2022567%2C2022733", "reference_id": "buglist.cgi?bug_id=2004652%2C2019372%2C2021922%2C2022567%2C2022733", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=2004652%2C2019372%2C2021922%2C2022567%2C2022733" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:56:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4720" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y8w8-tc81-ryhr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/344?format=api", "vulnerability_id": "VCID-yar2-m8ch-8fcd", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2774.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2774.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2774", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.07274", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2774" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442290", "reference_id": "2442290", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442290" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:21:15Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-14/", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:21:15Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:21:15Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:21:15Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:21:15Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014883", "reference_id": "show_bug.cgi?id=2014883", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:21:15Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014883" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2774" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yar2-m8ch-8fcd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/454?format=api", "vulnerability_id": "VCID-ybek-h33z-v7dr", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6772.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6772.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6772", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17158", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6772" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460074", "reference_id": "2460074", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460074" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:40:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-31", "reference_id": "mfsa2026-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-31" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-31/", "reference_id": "mfsa2026-31", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:40:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-31/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-32/", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:40:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-32/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:40:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-34/", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:40:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-34/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10757", "reference_id": "RHSA-2026:10757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10766", "reference_id": "RHSA-2026:10766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10767", "reference_id": "RHSA-2026:10767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12285", "reference_id": "RHSA-2026:12285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13537", "reference_id": "RHSA-2026:13537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15892", "reference_id": "RHSA-2026:15892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17477", "reference_id": "RHSA-2026:17477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17687", "reference_id": "RHSA-2026:17687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17688", "reference_id": "RHSA-2026:17688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17689", "reference_id": "RHSA-2026:17689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17690", "reference_id": "RHSA-2026:17690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19041", "reference_id": "RHSA-2026:19041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19131", "reference_id": "RHSA-2026:19131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19201", "reference_id": "RHSA-2026:19201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19461", "reference_id": "RHSA-2026:19461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19462", "reference_id": "RHSA-2026:19462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19463", "reference_id": "RHSA-2026:19463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19464", "reference_id": "RHSA-2026:19464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19465", "reference_id": "RHSA-2026:19465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19466", "reference_id": "RHSA-2026:19466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19467", "reference_id": "RHSA-2026:19467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19468", "reference_id": "RHSA-2026:19468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19469", "reference_id": "RHSA-2026:19469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19542", "reference_id": "RHSA-2026:19542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19655", "reference_id": "RHSA-2026:19655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19704", "reference_id": "RHSA-2026:19704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19704" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2026089", "reference_id": "show_bug.cgi?id=2026089", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:40:19Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2026089" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-6772" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ybek-h33z-v7dr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/764?format=api", "vulnerability_id": "VCID-yfq7-nc7g-v7gx", "summary": "Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5269.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5269.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5269", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00428", "scoring_system": "epss", "scoring_elements": "0.62811", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5269" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5269", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5269" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368757", "reference_id": "2368757", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368757" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-44/", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T17:41:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-44/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-46/", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T17:41:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-46/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8293", "reference_id": "RHSA-2025:8293", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8293" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8308", "reference_id": "RHSA-2025:8308", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8308" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8341", "reference_id": "RHSA-2025:8341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8598", "reference_id": "RHSA-2025:8598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8599", "reference_id": "RHSA-2025:8599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8607", "reference_id": "RHSA-2025:8607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8607" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8608", "reference_id": "RHSA-2025:8608", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8608" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8628", "reference_id": "RHSA-2025:8628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8629", "reference_id": "RHSA-2025:8629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8630", "reference_id": "RHSA-2025:8630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8631", "reference_id": "RHSA-2025:8631", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8642", "reference_id": "RHSA-2025:8642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8756", "reference_id": "RHSA-2025:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9071", "reference_id": "RHSA-2025:9071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9071" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9072", "reference_id": "RHSA-2025:9072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9073", "reference_id": "RHSA-2025:9073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9074", "reference_id": "RHSA-2025:9074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9075", "reference_id": "RHSA-2025:9075", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9075" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9076", "reference_id": "RHSA-2025:9076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9077", "reference_id": "RHSA-2025:9077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9155", "reference_id": "RHSA-2025:9155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9155" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1924108", "reference_id": "show_bug.cgi?id=1924108", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T17:41:18Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1924108" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-5269" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yfq7-nc7g-v7gx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/316?format=api", "vulnerability_id": "VCID-ygp6-et8g-5khe", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4719.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4719.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4719", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06622", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4719" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4719", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4719" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450746", "reference_id": "2450746", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450746" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016367", "reference_id": "show_bug.cgi?id=2016367", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:08:12Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016367" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4719" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ygp6-et8g-5khe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/848?format=api", "vulnerability_id": "VCID-yn6r-ptdw-aket", "summary": "There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11711.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11711.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11711", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09468", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11711" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403776", "reference_id": "2403776", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403776" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-81/", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:22:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-81/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-82", "reference_id": "mfsa2025-82", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-82" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-82/", "reference_id": "mfsa2025-82", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:22:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-82/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-83/", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:22:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-83/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-84/", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:22:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-84/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-85/", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:22:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-85/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18154", "reference_id": "RHSA-2025:18154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18155", "reference_id": "RHSA-2025:18155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18285", "reference_id": "RHSA-2025:18285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18320", "reference_id": "RHSA-2025:18320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18321", "reference_id": "RHSA-2025:18321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18983", "reference_id": "RHSA-2025:18983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19278", "reference_id": "RHSA-2025:19278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19938", "reference_id": "RHSA-2025:19938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19939", "reference_id": "RHSA-2025:19939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19941", "reference_id": "RHSA-2025:19941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19942", "reference_id": "RHSA-2025:19942", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19942" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19943", "reference_id": "RHSA-2025:19943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19944", "reference_id": "RHSA-2025:19944", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19944" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19945", "reference_id": "RHSA-2025:19945", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19945" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21054", "reference_id": "RHSA-2025:21054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21055", "reference_id": "RHSA-2025:21055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21056", "reference_id": "RHSA-2025:21056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21056" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21057", "reference_id": "RHSA-2025:21057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21058", "reference_id": "RHSA-2025:21058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21059", "reference_id": "RHSA-2025:21059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21064", "reference_id": "RHSA-2025:21064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21064" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1989978", "reference_id": "show_bug.cgi?id=1989978", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:22:20Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1989978" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-11711" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yn6r-ptdw-aket" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/411?format=api", "vulnerability_id": "VCID-yucu-c6vn-sfdy", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0890.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0890.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0890", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06326", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0890" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0890" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428971", "reference_id": "2428971", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428971" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-01", "reference_id": "mfsa2026-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-01/", "reference_id": "mfsa2026-01", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:30:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-03", "reference_id": "mfsa2026-03", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-03/", "reference_id": "mfsa2026-03", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:30:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-03/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-04", "reference_id": "mfsa2026-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-04/", "reference_id": "mfsa2026-04", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:30:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-05", "reference_id": "mfsa2026-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-05/", "reference_id": "mfsa2026-05", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:30:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0667", "reference_id": "RHSA-2026:0667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0694", "reference_id": "RHSA-2026:0694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0924", "reference_id": "RHSA-2026:0924", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0924" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1320", "reference_id": "RHSA-2026:1320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1413", "reference_id": "RHSA-2026:1413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1413" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1414", "reference_id": "RHSA-2026:1414", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1415", "reference_id": "RHSA-2026:1415", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1415" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1461", "reference_id": "RHSA-2026:1461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1462", "reference_id": "RHSA-2026:1462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1471", "reference_id": "RHSA-2026:1471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1487", "reference_id": "RHSA-2026:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2041", "reference_id": "RHSA-2026:2041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2043", "reference_id": "RHSA-2026:2043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2043" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2044", "reference_id": "RHSA-2026:2044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2047", "reference_id": "RHSA-2026:2047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2069", "reference_id": "RHSA-2026:2069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2070", "reference_id": "RHSA-2026:2070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2073", "reference_id": "RHSA-2026:2073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2074", "reference_id": "RHSA-2026:2074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2220", "reference_id": "RHSA-2026:2220", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2220" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2231", "reference_id": "RHSA-2026:2231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2271", "reference_id": "RHSA-2026:2271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2286", "reference_id": "RHSA-2026:2286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2286" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2005081", "reference_id": "show_bug.cgi?id=2005081", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-15T15:30:33Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2005081" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-0890" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yucu-c6vn-sfdy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/817?format=api", "vulnerability_id": "VCID-yx9k-e2yd-xyb6", "summary": "A process isolation vulnerability in Firefox stemmed from improper handling of javascript: URIs, which could allow content to execute in the top-level document's process instead of the intended frame, potentially enabling a sandbox escape.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4083.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4083.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4083", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00336", "scoring_system": "epss", "scoring_elements": "0.56804", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4083" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4083", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4083" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362907", "reference_id": "2362907", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362907" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-28", "reference_id": "mfsa2025-28", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-28" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-28/", "reference_id": "mfsa2025-28", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-30T13:43:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-28/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-29", "reference_id": "mfsa2025-29", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-29" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-29/", "reference_id": "mfsa2025-29", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-30T13:43:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-29/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-30", "reference_id": "mfsa2025-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-30/", "reference_id": "mfsa2025-30", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-30T13:43:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-31", "reference_id": "mfsa2025-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-31" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-31/", "reference_id": "mfsa2025-31", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-30T13:43:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-31/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-32", "reference_id": "mfsa2025-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-32/", "reference_id": "mfsa2025-32", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-30T13:43:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-32/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4443", "reference_id": "RHSA-2025:4443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4458", "reference_id": "RHSA-2025:4458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4460", "reference_id": "RHSA-2025:4460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4460" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4751", "reference_id": "RHSA-2025:4751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4751" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4752", "reference_id": "RHSA-2025:4752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4753", "reference_id": "RHSA-2025:4753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4756", "reference_id": "RHSA-2025:4756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4797", "reference_id": "RHSA-2025:4797", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4797" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7428", "reference_id": "RHSA-2025:7428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7506", "reference_id": "RHSA-2025:7506", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7506" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7507", "reference_id": "RHSA-2025:7507", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7507" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7543", "reference_id": "RHSA-2025:7543", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7543" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7544", "reference_id": "RHSA-2025:7544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7545", "reference_id": "RHSA-2025:7545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7547", "reference_id": "RHSA-2025:7547", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7547" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7689", "reference_id": "RHSA-2025:7689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7690", "reference_id": "RHSA-2025:7690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7691", "reference_id": "RHSA-2025:7691", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7691" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7692", "reference_id": "RHSA-2025:7692", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7692" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7693", "reference_id": "RHSA-2025:7693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7694", "reference_id": "RHSA-2025:7694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7695", "reference_id": "RHSA-2025:7695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7695" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1958350", "reference_id": "show_bug.cgi?id=1958350", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-30T13:43:47Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1958350" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-4083" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yx9k-e2yd-xyb6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/772?format=api", "vulnerability_id": "VCID-z2m8-1qr8-53dp", "summary": "Memory safety bugs present in Firefox ESR 115.25, Firefox ESR 128.12, Thunderbird ESR 128.12, Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8034.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8034.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8034", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.68005", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8034" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8034", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8034" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2382711", "reference_id": "2382711", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2382711" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-56", "reference_id": "mfsa2025-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-56/", "reference_id": "mfsa2025-56", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-56/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-57", "reference_id": "mfsa2025-57", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-57" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-57/", "reference_id": "mfsa2025-57", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-57/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-58", "reference_id": "mfsa2025-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-58" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-58/", "reference_id": "mfsa2025-58", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-58/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-59", "reference_id": "mfsa2025-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-59/", "reference_id": "mfsa2025-59", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-59/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-61", "reference_id": "mfsa2025-61", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-61" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-61/", "reference_id": "mfsa2025-61", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-61/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-62", "reference_id": "mfsa2025-62", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-62" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-62/", "reference_id": "mfsa2025-62", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-62/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-63", "reference_id": "mfsa2025-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-63/", "reference_id": "mfsa2025-63", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-63/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11747", "reference_id": "RHSA-2025:11747", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11747" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11748", "reference_id": "RHSA-2025:11748", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11748" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11797", "reference_id": "RHSA-2025:11797", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11797" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12044", "reference_id": "RHSA-2025:12044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12045", "reference_id": "RHSA-2025:12045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12046", "reference_id": "RHSA-2025:12046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12187", "reference_id": "RHSA-2025:12187", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12187" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12188", "reference_id": "RHSA-2025:12188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12278", "reference_id": "RHSA-2025:12278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12302", "reference_id": "RHSA-2025:12302", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12302" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12353", "reference_id": "RHSA-2025:12353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12360", "reference_id": "RHSA-2025:12360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12361", "reference_id": "RHSA-2025:12361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13645", "reference_id": "RHSA-2025:13645", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13645" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13646", "reference_id": "RHSA-2025:13646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13647", "reference_id": "RHSA-2025:13647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13648", "reference_id": "RHSA-2025:13648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13649", "reference_id": "RHSA-2025:13649", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13649" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13650", "reference_id": "RHSA-2025:13650", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13650" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13651", "reference_id": "RHSA-2025:13651", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13651" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13676", "reference_id": "RHSA-2025:13676", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13676" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1970422", "reference_id": "show_bug.cgi?id=1970422", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-24T03:55:30Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1970422" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-8034" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z2m8-1qr8-53dp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/338?format=api", "vulnerability_id": "VCID-z4d9-13dv-5yhw", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2768.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2768.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2768", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27572", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2768" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2768", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2768" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442298", "reference_id": "2442298", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442298" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T21:02:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T21:02:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T21:02:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T21:02:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014101", "reference_id": "show_bug.cgi?id=2014101", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T21:02:57Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014101" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2768" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z4d9-13dv-5yhw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/753?format=api", "vulnerability_id": "VCID-z4da-g7sq-9kbe", "summary": "It was possible to cause a use-after-free in the content process side of a WebTransport connection, leading to a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1931.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1931.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1931", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.60172", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1931" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1931", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1931" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2349786", "reference_id": "2349786", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2349786" }, { "reference_url": "https://security.gentoo.org/glsa/202505-02", "reference_id": "GLSA-202505-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-02" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-14", "reference_id": "mfsa2025-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-14/", "reference_id": "mfsa2025-14", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-26T19:54:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-15", "reference_id": "mfsa2025-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-15/", "reference_id": "mfsa2025-15", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-26T19:54:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-16", "reference_id": "mfsa2025-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-16/", "reference_id": "mfsa2025-16", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-26T19:54:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-17", "reference_id": "mfsa2025-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-17/", "reference_id": "mfsa2025-17", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-26T19:54:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-17/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-18", "reference_id": "mfsa2025-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-18" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-18/", "reference_id": "mfsa2025-18", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-26T19:54:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-18/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2359", "reference_id": "RHSA-2025:2359", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2359" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2452", "reference_id": "RHSA-2025:2452", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2452" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2479", "reference_id": "RHSA-2025:2479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2480", "reference_id": "RHSA-2025:2480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2481", "reference_id": "RHSA-2025:2481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2484", "reference_id": "RHSA-2025:2484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2485", "reference_id": "RHSA-2025:2485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2486", "reference_id": "RHSA-2025:2486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2699", "reference_id": "RHSA-2025:2699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2708", "reference_id": "RHSA-2025:2708", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2708" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1944126", "reference_id": "show_bug.cgi?id=1944126", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-26T19:54:21Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1944126" }, { "reference_url": "https://usn.ubuntu.com/7334-1/", "reference_id": "USN-7334-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7334-1/" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-1931" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z4da-g7sq-9kbe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/856?format=api", "vulnerability_id": "VCID-zb1n-26m8-w7g2", "summary": "Memory safety bugs present in Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11714.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11714.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11714", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19259", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11714" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11714", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11714" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403763", "reference_id": "2403763", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403763" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1973699%2C1989945%2C1990970%2C1991040%2C1992113", "reference_id": "buglist.cgi?bug_id=1973699%2C1989945%2C1990970%2C1991040%2C1992113", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:19Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1973699%2C1989945%2C1990970%2C1991040%2C1992113" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-81/", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-81/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-82", "reference_id": "mfsa2025-82", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-82" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-82/", "reference_id": "mfsa2025-82", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-82/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-83/", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-83/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-84/", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-84/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-85/", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-85/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18154", "reference_id": "RHSA-2025:18154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18155", "reference_id": "RHSA-2025:18155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18285", "reference_id": "RHSA-2025:18285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18320", "reference_id": "RHSA-2025:18320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18321", "reference_id": "RHSA-2025:18321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18983", "reference_id": "RHSA-2025:18983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19278", "reference_id": "RHSA-2025:19278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19938", "reference_id": "RHSA-2025:19938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19939", "reference_id": "RHSA-2025:19939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19941", "reference_id": "RHSA-2025:19941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19942", "reference_id": "RHSA-2025:19942", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19942" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19943", "reference_id": "RHSA-2025:19943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19944", "reference_id": "RHSA-2025:19944", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19944" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19945", "reference_id": "RHSA-2025:19945", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19945" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21054", "reference_id": "RHSA-2025:21054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21055", "reference_id": "RHSA-2025:21055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21056", "reference_id": "RHSA-2025:21056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21056" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21057", "reference_id": "RHSA-2025:21057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21058", "reference_id": "RHSA-2025:21058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21059", "reference_id": "RHSA-2025:21059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21064", "reference_id": "RHSA-2025:21064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21064" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-11714" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zb1n-26m8-w7g2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/733?format=api", "vulnerability_id": "VCID-zb4w-j9rx-x3fb", "summary": "Uninitialized memory in the JavaScript Engine component.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9181.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9181.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9181", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31231", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9181" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9181", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9181" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389583", "reference_id": "2389583", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389583" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-64", "reference_id": "mfsa2025-64", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-64" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-64/", "reference_id": "mfsa2025-64", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-20T14:05:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-64/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-66", "reference_id": "mfsa2025-66", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-66" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-66/", "reference_id": "mfsa2025-66", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-20T14:05:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-66/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-67", "reference_id": "mfsa2025-67", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-67" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-67/", "reference_id": "mfsa2025-67", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-20T14:05:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-67/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-70", "reference_id": "mfsa2025-70", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-70" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-70/", "reference_id": "mfsa2025-70", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-20T14:05:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-70/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-71", "reference_id": "mfsa2025-71", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-71" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-71/", "reference_id": "mfsa2025-71", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-20T14:05:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-71/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-72", "reference_id": "mfsa2025-72", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-72" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-72/", "reference_id": "mfsa2025-72", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-20T14:05:26Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-72/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14416", "reference_id": "RHSA-2025:14416", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14416" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14417", "reference_id": "RHSA-2025:14417", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14417" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14442", "reference_id": "RHSA-2025:14442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14640", "reference_id": "RHSA-2025:14640", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14640" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14743", "reference_id": "RHSA-2025:14743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14844", "reference_id": "RHSA-2025:14844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15418", "reference_id": "RHSA-2025:15418", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15418" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15419", "reference_id": "RHSA-2025:15419", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15419" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15420", "reference_id": "RHSA-2025:15420", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15420" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15421", "reference_id": "RHSA-2025:15421", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15421" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15422", "reference_id": "RHSA-2025:15422", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15422" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15423", "reference_id": "RHSA-2025:15423", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15424", "reference_id": "RHSA-2025:15424", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15424" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15430", "reference_id": "RHSA-2025:15430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15434", "reference_id": "RHSA-2025:15434", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15434" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15435", "reference_id": "RHSA-2025:15435", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15435" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15436", "reference_id": "RHSA-2025:15436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15437", "reference_id": "RHSA-2025:15437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15437" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15438", "reference_id": "RHSA-2025:15438", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15438" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15496", "reference_id": "RHSA-2025:15496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15535", "reference_id": "RHSA-2025:15535", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15535" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1977130", "reference_id": "show_bug.cgi?id=1977130", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-20T14:05:26Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1977130" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-9181" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zb4w-j9rx-x3fb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/345?format=api", "vulnerability_id": "VCID-zcwh-hr22-qug2", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2775.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2775.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2775", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08586", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2775" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442314", "reference_id": "2442314", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442314" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-13/", "reference_id": "mfsa2026-13", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:20:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-14/", "reference_id": "mfsa2026-14", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:20:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-15/", "reference_id": "mfsa2026-15", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:20:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-15/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-16" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-16/", "reference_id": "mfsa2026-16", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:20:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-16/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-17" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-17/", "reference_id": "mfsa2026-17", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:20:30Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-17/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015199", "reference_id": "show_bug.cgi?id=2015199", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-28T03:20:30Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2015199" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-2775" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zcwh-hr22-qug2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/315?format=api", "vulnerability_id": "VCID-zefg-t9v4-zyem", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4718.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4718.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4718", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03328", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4718" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4718", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4718" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450742", "reference_id": "2450742", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450742" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-20" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "reference_id": "mfsa2026-20", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-20/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-22" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-22/", "reference_id": "mfsa2026-22", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-22/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-23" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "reference_id": "mfsa2026-23", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-23/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-24" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-24/", "reference_id": "mfsa2026-24", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-24/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5930", "reference_id": "RHSA-2026:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5931", "reference_id": "RHSA-2026:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5932", "reference_id": "RHSA-2026:5932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6188", "reference_id": "RHSA-2026:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6342", "reference_id": "RHSA-2026:6342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6917", "reference_id": "RHSA-2026:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7837", "reference_id": "RHSA-2026:7837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7838", "reference_id": "RHSA-2026:7838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7839", "reference_id": "RHSA-2026:7839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7840", "reference_id": "RHSA-2026:7840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7841", "reference_id": "RHSA-2026:7841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7842", "reference_id": "RHSA-2026:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7843", "reference_id": "RHSA-2026:7843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7845", "reference_id": "RHSA-2026:7845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7858", "reference_id": "RHSA-2026:7858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8284", "reference_id": "RHSA-2026:8284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8285", "reference_id": "RHSA-2026:8285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8286", "reference_id": "RHSA-2026:8286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8287", "reference_id": "RHSA-2026:8287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8288", "reference_id": "RHSA-2026:8288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8289", "reference_id": "RHSA-2026:8289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8290", "reference_id": "RHSA-2026:8290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8315", "reference_id": "RHSA-2026:8315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8427", "reference_id": "RHSA-2026:8427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8850", "reference_id": "RHSA-2026:8850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8850" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014864", "reference_id": "show_bug.cgi?id=2014864", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:11:07Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014864" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-4718" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zefg-t9v4-zyem" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/19?format=api", "vulnerability_id": "VCID-zg3a-65gb-5qbv", "summary": "An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://devtools` origin. This could allow them to access cross-origin JSON content. This access is limited to \"same site\" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9394.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9394.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9394", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.36947", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9394" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9394", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9394" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315957", "reference_id": "2315957", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315957" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-46", "reference_id": "mfsa2024-46", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-46/", "reference_id": "mfsa2024-46", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:04:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-46/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-47", "reference_id": "mfsa2024-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-47" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-47/", "reference_id": "mfsa2024-47", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:04:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-47/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-48", "reference_id": "mfsa2024-48", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-48" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-48/", "reference_id": "mfsa2024-48", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:04:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-48/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-49", "reference_id": "mfsa2024-49", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-49" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-49/", "reference_id": "mfsa2024-49", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:04:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-49/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-50", "reference_id": "mfsa2024-50", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-50" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-50/", "reference_id": "mfsa2024-50", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:04:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-50/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7505", "reference_id": "RHSA-2024:7505", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7505" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7552", "reference_id": "RHSA-2024:7552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7621", "reference_id": "RHSA-2024:7621", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7621" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7622", "reference_id": "RHSA-2024:7622", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7646", "reference_id": "RHSA-2024:7646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7699", "reference_id": "RHSA-2024:7699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7700", "reference_id": "RHSA-2024:7700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7702", "reference_id": "RHSA-2024:7702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7703", "reference_id": "RHSA-2024:7703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7704", "reference_id": "RHSA-2024:7704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7842", "reference_id": "RHSA-2024:7842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7853", "reference_id": "RHSA-2024:7853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7854", "reference_id": "RHSA-2024:7854", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7854" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7855", "reference_id": "RHSA-2024:7855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7856", "reference_id": "RHSA-2024:7856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8166", "reference_id": "RHSA-2024:8166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8169", "reference_id": "RHSA-2024:8169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8169" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1918874", "reference_id": "show_bug.cgi?id=1918874", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:04:59Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1918874" }, { "reference_url": "https://usn.ubuntu.com/7056-1/", "reference_id": "USN-7056-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7056-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2024-9394" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zg3a-65gb-5qbv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87?format=api", "vulnerability_id": "VCID-zgwh-84ue-1kdw", "summary": "Memory safety bugs present in Firefox 132, Thunderbird 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11699.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11699.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11699", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.30613", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11699" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11699", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11699" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328947", "reference_id": "2328947", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328947" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1880582%2C1929911", "reference_id": "buglist.cgi?bug_id=1880582%2C1929911", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:00:52Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1880582%2C1929911" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-63/", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:00:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-63/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-64/", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:00:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-64/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-67/", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:00:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-67/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-68/", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:00:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-68/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10591", "reference_id": "RHSA-2024:10591", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10591" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10592", "reference_id": "RHSA-2024:10592", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10592" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10667", "reference_id": "RHSA-2024:10667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10702", "reference_id": "RHSA-2024:10702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10703", "reference_id": "RHSA-2024:10703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10704", "reference_id": "RHSA-2024:10704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10710", "reference_id": "RHSA-2024:10710", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10710" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10733", "reference_id": "RHSA-2024:10733", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10733" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10734", "reference_id": "RHSA-2024:10734", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10734" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10742", "reference_id": "RHSA-2024:10742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10743", "reference_id": "RHSA-2024:10743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10745", "reference_id": "RHSA-2024:10745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10748", "reference_id": "RHSA-2024:10748", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10748" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10752", "reference_id": "RHSA-2024:10752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10844", "reference_id": "RHSA-2024:10844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10848", "reference_id": "RHSA-2024:10848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10849", "reference_id": "RHSA-2024:10849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10880", "reference_id": "RHSA-2024:10880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10881", "reference_id": "RHSA-2024:10881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18479", "reference_id": "RHSA-2026:18479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18479" }, { "reference_url": "https://usn.ubuntu.com/7134-1/", "reference_id": "USN-7134-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7134-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2024-11699" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zgwh-84ue-1kdw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/440?format=api", "vulnerability_id": "VCID-zty1-r5ye-xqe8", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6753.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6753.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6753", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19915", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6753" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460092", "reference_id": "2460092", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460092" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-30" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-30/", "reference_id": "mfsa2026-30", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:11:04Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-30/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-32/", "reference_id": "mfsa2026-32", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:11:04Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-32/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-33" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-33/", "reference_id": "mfsa2026-33", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:11:04Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-33/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-34" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-34/", "reference_id": "mfsa2026-34", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:11:04Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-34/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10757", "reference_id": "RHSA-2026:10757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10766", "reference_id": "RHSA-2026:10766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10767", "reference_id": "RHSA-2026:10767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12285", "reference_id": "RHSA-2026:12285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13537", "reference_id": "RHSA-2026:13537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15892", "reference_id": "RHSA-2026:15892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17477", "reference_id": "RHSA-2026:17477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17687", "reference_id": "RHSA-2026:17687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17688", "reference_id": "RHSA-2026:17688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17689", "reference_id": "RHSA-2026:17689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17690", "reference_id": "RHSA-2026:17690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19041", "reference_id": "RHSA-2026:19041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19131", "reference_id": "RHSA-2026:19131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19201", "reference_id": "RHSA-2026:19201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19348", "reference_id": "RHSA-2026:19348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19461", "reference_id": "RHSA-2026:19461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19462", "reference_id": "RHSA-2026:19462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19463", "reference_id": "RHSA-2026:19463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19464", "reference_id": "RHSA-2026:19464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19465", "reference_id": "RHSA-2026:19465", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19465" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19466", "reference_id": "RHSA-2026:19466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19467", "reference_id": "RHSA-2026:19467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19468", "reference_id": "RHSA-2026:19468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19469", "reference_id": "RHSA-2026:19469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19542", "reference_id": "RHSA-2026:19542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19655", "reference_id": "RHSA-2026:19655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19704", "reference_id": "RHSA-2026:19704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19704" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2027501", "reference_id": "show_bug.cgi?id=2027501", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T17:11:04Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2027501" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2026-6753" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zty1-r5ye-xqe8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/851?format=api", "vulnerability_id": "VCID-zw1m-naqh-sqfd", "summary": "A malicious page could have used the type attribute of an OBJECT tag to override the default browser behavior when encountering a web resource served without a content-type. This could have contributed to an XSS on a site that unsafely serves files without a content-type header.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11712.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11712.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11712", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13725", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11712" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403770", "reference_id": "2403770", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403770" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-81/", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:21:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-81/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-83/", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:21:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-83/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-84/", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:21:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-84/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-85/", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:21:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-85/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18154", "reference_id": "RHSA-2025:18154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18155", "reference_id": "RHSA-2025:18155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18285", "reference_id": "RHSA-2025:18285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18320", "reference_id": "RHSA-2025:18320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18321", "reference_id": "RHSA-2025:18321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18983", "reference_id": "RHSA-2025:18983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19278", "reference_id": "RHSA-2025:19278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19938", "reference_id": "RHSA-2025:19938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19939", "reference_id": "RHSA-2025:19939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19941", "reference_id": "RHSA-2025:19941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19942", "reference_id": "RHSA-2025:19942", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19942" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19943", "reference_id": "RHSA-2025:19943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19944", "reference_id": "RHSA-2025:19944", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19944" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19945", "reference_id": "RHSA-2025:19945", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19945" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21054", "reference_id": "RHSA-2025:21054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21055", "reference_id": "RHSA-2025:21055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21056", "reference_id": "RHSA-2025:21056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21056" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21057", "reference_id": "RHSA-2025:21057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21058", "reference_id": "RHSA-2025:21058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21059", "reference_id": "RHSA-2025:21059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21064", "reference_id": "RHSA-2025:21064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21064" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1979536", "reference_id": "show_bug.cgi?id=1979536", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:21:51Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1979536" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/511632?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ng-ds1t-ybdy" }, { "vulnerability": "VCID-1sgn-41vs-efcy" }, { "vulnerability": "VCID-5fc5-xu9y-ekca" }, { "vulnerability": "VCID-5h7s-sfrz-eye3" }, { "vulnerability": "VCID-e6ek-fjxf-subv" }, { "vulnerability": "VCID-fbuu-t3mf-cfeg" }, { "vulnerability": "VCID-fhmv-bse8-abaw" }, { "vulnerability": "VCID-g339-cuzq-ffh1" }, { "vulnerability": "VCID-ghpk-c1e6-pkae" }, { "vulnerability": "VCID-hjh5-utas-ekb9" }, { "vulnerability": "VCID-rne7-tu7d-v7e9" }, { "vulnerability": "VCID-tqws-w9ga-gqew" }, { "vulnerability": "VCID-tuxm-fxt8-vbee" }, { "vulnerability": "VCID-tzqv-xgdb-efa1" }, { "vulnerability": "VCID-uncq-bg36-3yfe" }, { "vulnerability": "VCID-vseb-hh7u-1fc5" }, { "vulnerability": "VCID-w8ts-g59t-z3d7" }, { "vulnerability": "VCID-z1zg-s87s-fkdu" }, { "vulnerability": "VCID-z8mw-3stk-vbdg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" } ], "aliases": [ "CVE-2025-11712" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zw1m-naqh-sqfd" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1" }