Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/firefox@139.0-1?distro=sid

Type deb

Namespace debian

Name firefox

Version 139.0-1

Qualifiers

distro	sid

Subpath

Is_vulnerable false

Next_non_vulnerable_version 139.0.4-1

Latest_non_vulnerable_version 150.0-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-7q66-66b2-kucc

vulnerability_id VCID-7q66-66b2-kucc

summary Script elements loading cross-origin resources generated load and error events which leaked information enabling XS-Leaks attacks.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5266.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5266.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-5266

reference_id

reference_type

scores

value	0.00434
scoring_system	epss
scoring_elements	0.62875
published_at	2026-04-21T12:55:00Z

value	0.00434
scoring_system	epss
scoring_elements	0.62896
published_at	2026-04-24T12:55:00Z

value	0.00434
scoring_system	epss
scoring_elements	0.62888
published_at	2026-04-16T12:55:00Z

value	0.00434
scoring_system	epss
scoring_elements	0.62795
published_at	2026-04-07T12:55:00Z

value	0.00434
scoring_system	epss
scoring_elements	0.62863
published_at	2026-04-09T12:55:00Z

value	0.00434
scoring_system	epss
scoring_elements	0.62846
published_at	2026-04-08T12:55:00Z

value	0.00434
scoring_system	epss
scoring_elements	0.62831
published_at	2026-04-04T12:55:00Z

value	0.00434
scoring_system	epss
scoring_elements	0.62802
published_at	2026-04-02T12:55:00Z

value	0.00434
scoring_system	epss
scoring_elements	0.62847
published_at	2026-04-13T12:55:00Z

value	0.00434
scoring_system	epss
scoring_elements	0.62869
published_at	2026-04-12T12:55:00Z

value	0.00434
scoring_system	epss
scoring_elements	0.62881
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-5266

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5266
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5266

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2368755
reference_id	2368755
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2368755

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-42

reference_id

mfsa2025-42

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-42

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-42/

reference_id

mfsa2025-42

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T14:44:04Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-42/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-44

reference_id

mfsa2025-44

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-44

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-44/

reference_id

mfsa2025-44

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T14:44:04Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-44/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-45

reference_id

mfsa2025-45

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-45

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-45/

reference_id

mfsa2025-45

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T14:44:04Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-45/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-46

reference_id

mfsa2025-46

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-46

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-46/

reference_id

mfsa2025-46

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T14:44:04Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-46/

reference_url	https://access.redhat.com/errata/RHSA-2025:8293
reference_id	RHSA-2025:8293
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8293

reference_url	https://access.redhat.com/errata/RHSA-2025:8308
reference_id	RHSA-2025:8308
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8308

reference_url	https://access.redhat.com/errata/RHSA-2025:8341
reference_id	RHSA-2025:8341
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8341

reference_url	https://access.redhat.com/errata/RHSA-2025:8598
reference_id	RHSA-2025:8598
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8598

reference_url	https://access.redhat.com/errata/RHSA-2025:8599
reference_id	RHSA-2025:8599
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8599

reference_url	https://access.redhat.com/errata/RHSA-2025:8607
reference_id	RHSA-2025:8607
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8607

reference_url	https://access.redhat.com/errata/RHSA-2025:8608
reference_id	RHSA-2025:8608
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8608

reference_url	https://access.redhat.com/errata/RHSA-2025:8628
reference_id	RHSA-2025:8628
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8628

reference_url	https://access.redhat.com/errata/RHSA-2025:8629
reference_id	RHSA-2025:8629
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8629

reference_url	https://access.redhat.com/errata/RHSA-2025:8630
reference_id	RHSA-2025:8630
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8630

reference_url	https://access.redhat.com/errata/RHSA-2025:8631
reference_id	RHSA-2025:8631
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8631

reference_url	https://access.redhat.com/errata/RHSA-2025:8642
reference_id	RHSA-2025:8642
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8642

reference_url	https://access.redhat.com/errata/RHSA-2025:8756
reference_id	RHSA-2025:8756
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8756

reference_url	https://access.redhat.com/errata/RHSA-2025:9071
reference_id	RHSA-2025:9071
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9071

reference_url	https://access.redhat.com/errata/RHSA-2025:9072
reference_id	RHSA-2025:9072
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9072

reference_url	https://access.redhat.com/errata/RHSA-2025:9073
reference_id	RHSA-2025:9073
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9073

reference_url	https://access.redhat.com/errata/RHSA-2025:9074
reference_id	RHSA-2025:9074
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9074

reference_url	https://access.redhat.com/errata/RHSA-2025:9075
reference_id	RHSA-2025:9075
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9075

reference_url	https://access.redhat.com/errata/RHSA-2025:9076
reference_id	RHSA-2025:9076
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9076

reference_url	https://access.redhat.com/errata/RHSA-2025:9077
reference_id	RHSA-2025:9077
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9077

reference_url	https://access.redhat.com/errata/RHSA-2025:9155
reference_id	RHSA-2025:9155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9155

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1965628

reference_id

show_bug.cgi?id=1965628

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T14:44:04Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1965628

reference_url	https://usn.ubuntu.com/7663-1/
reference_id	USN-7663-1
reference_type
scores
url	https://usn.ubuntu.com/7663-1/

fixed_packages

url	pkg:deb/debian/firefox@139.0-1?distro=sid
purl	pkg:deb/debian/firefox@139.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@139.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2025-5266

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7q66-66b2-kucc

url VCID-98mt-7srw-qfh4

vulnerability_id VCID-98mt-7srw-qfh4

summary A vulnerability has been discovered in libvpx, which could lead to execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5283.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5283.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-5283

reference_id

reference_type

scores

value	0.00273
scoring_system	epss
scoring_elements	0.50693
published_at	2026-04-24T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50744
published_at	2026-04-21T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50764
published_at	2026-04-18T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50758
published_at	2026-04-16T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50681
published_at	2026-04-02T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50756
published_at	2026-04-11T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50663
published_at	2026-04-07T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50718
published_at	2026-04-13T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50714
published_at	2026-04-09T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50733
published_at	2026-04-12T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50707
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-5283

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5283
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5283

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106689
reference_id	1106689
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106689

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2368749
reference_id	2368749
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2368749

reference_url

https://issues.chromium.org/issues/419467315

reference_id

419467315

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:25:59Z/

url

https://issues.chromium.org/issues/419467315

reference_url	https://security.gentoo.org/glsa/202509-07
reference_id	GLSA-202509-07
reference_type
scores
url	https://security.gentoo.org/glsa/202509-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-42

reference_id

mfsa2025-42

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-42

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-43

reference_id

mfsa2025-43

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-43

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-44

reference_id

mfsa2025-44

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-44

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-45

reference_id

mfsa2025-45

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-45

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-46

reference_id

mfsa2025-46

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-46

reference_url	https://access.redhat.com/errata/RHSA-2025:8293
reference_id	RHSA-2025:8293
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8293

reference_url	https://access.redhat.com/errata/RHSA-2025:8308
reference_id	RHSA-2025:8308
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8308

reference_url	https://access.redhat.com/errata/RHSA-2025:8341
reference_id	RHSA-2025:8341
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8341

reference_url	https://access.redhat.com/errata/RHSA-2025:8598
reference_id	RHSA-2025:8598
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8598

reference_url	https://access.redhat.com/errata/RHSA-2025:8599
reference_id	RHSA-2025:8599
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8599

reference_url	https://access.redhat.com/errata/RHSA-2025:8607
reference_id	RHSA-2025:8607
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8607

reference_url	https://access.redhat.com/errata/RHSA-2025:8608
reference_id	RHSA-2025:8608
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8608

reference_url	https://access.redhat.com/errata/RHSA-2025:8628
reference_id	RHSA-2025:8628
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8628

reference_url	https://access.redhat.com/errata/RHSA-2025:8629
reference_id	RHSA-2025:8629
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8629

reference_url	https://access.redhat.com/errata/RHSA-2025:8630
reference_id	RHSA-2025:8630
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8630

reference_url	https://access.redhat.com/errata/RHSA-2025:8631
reference_id	RHSA-2025:8631
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8631

reference_url	https://access.redhat.com/errata/RHSA-2025:8642
reference_id	RHSA-2025:8642
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8642

reference_url	https://access.redhat.com/errata/RHSA-2025:8756
reference_id	RHSA-2025:8756
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8756

reference_url	https://access.redhat.com/errata/RHSA-2025:9071
reference_id	RHSA-2025:9071
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9071

reference_url	https://access.redhat.com/errata/RHSA-2025:9072
reference_id	RHSA-2025:9072
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9072

reference_url	https://access.redhat.com/errata/RHSA-2025:9073
reference_id	RHSA-2025:9073
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9073

reference_url	https://access.redhat.com/errata/RHSA-2025:9074
reference_id	RHSA-2025:9074
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9074

reference_url	https://access.redhat.com/errata/RHSA-2025:9075
reference_id	RHSA-2025:9075
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9075

reference_url	https://access.redhat.com/errata/RHSA-2025:9076
reference_id	RHSA-2025:9076
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9076

reference_url	https://access.redhat.com/errata/RHSA-2025:9077
reference_id	RHSA-2025:9077
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9077

reference_url	https://access.redhat.com/errata/RHSA-2025:9118
reference_id	RHSA-2025:9118
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9118

reference_url	https://access.redhat.com/errata/RHSA-2025:9119
reference_id	RHSA-2025:9119
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9119

reference_url	https://access.redhat.com/errata/RHSA-2025:9120
reference_id	RHSA-2025:9120
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9120

reference_url	https://access.redhat.com/errata/RHSA-2025:9122
reference_id	RHSA-2025:9122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9122

reference_url	https://access.redhat.com/errata/RHSA-2025:9123
reference_id	RHSA-2025:9123
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9123

reference_url	https://access.redhat.com/errata/RHSA-2025:9124
reference_id	RHSA-2025:9124
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9124

reference_url	https://access.redhat.com/errata/RHSA-2025:9125
reference_id	RHSA-2025:9125
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9125

reference_url	https://access.redhat.com/errata/RHSA-2025:9126
reference_id	RHSA-2025:9126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9126

reference_url	https://access.redhat.com/errata/RHSA-2025:9127
reference_id	RHSA-2025:9127
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9127

reference_url	https://access.redhat.com/errata/RHSA-2025:9128
reference_id	RHSA-2025:9128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9128

reference_url	https://access.redhat.com/errata/RHSA-2025:9155
reference_id	RHSA-2025:9155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9155

reference_url	https://access.redhat.com/errata/RHSA-2025:9331
reference_id	RHSA-2025:9331
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9331

reference_url

https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html

reference_id

stable-channel-update-for-desktop_27.html

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:25:59Z/

url

https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html

reference_url	https://usn.ubuntu.com/7551-1/
reference_id	USN-7551-1
reference_type
scores
url	https://usn.ubuntu.com/7551-1/

reference_url	https://usn.ubuntu.com/7991-1/
reference_id	USN-7991-1
reference_type
scores
url	https://usn.ubuntu.com/7991-1/

fixed_packages

url	pkg:deb/debian/firefox@139.0-1?distro=sid
purl	pkg:deb/debian/firefox@139.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@139.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2025-5283

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-98mt-7srw-qfh4

url VCID-a8vw-n16x-duee

vulnerability_id VCID-a8vw-n16x-duee

summary Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5264.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5264.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-5264

reference_id

reference_type

scores

value	0.00134
scoring_system	epss
scoring_elements	0.32851
published_at	2026-04-24T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.32997
published_at	2026-04-21T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.33034
published_at	2026-04-18T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.33056
published_at	2026-04-16T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.33169
published_at	2026-04-04T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.33074
published_at	2026-04-09T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.33044
published_at	2026-04-08T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.32998
published_at	2026-04-07T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.33136
published_at	2026-04-02T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.33014
published_at	2026-04-13T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.33039
published_at	2026-04-12T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.33077
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-5264

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5264
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5264

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2368751
reference_id	2368751
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2368751

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-42

reference_id

mfsa2025-42

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-42

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-42/

reference_id

mfsa2025-42

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:59Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-42/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-43

reference_id

mfsa2025-43

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-43

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-43/

reference_id

mfsa2025-43

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:59Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-43/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-44

reference_id

mfsa2025-44

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-44

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-44/

reference_id

mfsa2025-44

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:59Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-44/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-45

reference_id

mfsa2025-45

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-45

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-45/

reference_id

mfsa2025-45

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:59Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-45/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-46

reference_id

mfsa2025-46

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-46

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-46/

reference_id

mfsa2025-46

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:59Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-46/

reference_url	https://access.redhat.com/errata/RHSA-2025:8293
reference_id	RHSA-2025:8293
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8293

reference_url	https://access.redhat.com/errata/RHSA-2025:8308
reference_id	RHSA-2025:8308
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8308

reference_url	https://access.redhat.com/errata/RHSA-2025:8341
reference_id	RHSA-2025:8341
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8341

reference_url	https://access.redhat.com/errata/RHSA-2025:8598
reference_id	RHSA-2025:8598
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8598

reference_url	https://access.redhat.com/errata/RHSA-2025:8599
reference_id	RHSA-2025:8599
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8599

reference_url	https://access.redhat.com/errata/RHSA-2025:8607
reference_id	RHSA-2025:8607
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8607

reference_url	https://access.redhat.com/errata/RHSA-2025:8608
reference_id	RHSA-2025:8608
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8608

reference_url	https://access.redhat.com/errata/RHSA-2025:8628
reference_id	RHSA-2025:8628
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8628

reference_url	https://access.redhat.com/errata/RHSA-2025:8629
reference_id	RHSA-2025:8629
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8629

reference_url	https://access.redhat.com/errata/RHSA-2025:8630
reference_id	RHSA-2025:8630
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8630

reference_url	https://access.redhat.com/errata/RHSA-2025:8631
reference_id	RHSA-2025:8631
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8631

reference_url	https://access.redhat.com/errata/RHSA-2025:8642
reference_id	RHSA-2025:8642
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8642

reference_url	https://access.redhat.com/errata/RHSA-2025:8756
reference_id	RHSA-2025:8756
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8756

reference_url	https://access.redhat.com/errata/RHSA-2025:9071
reference_id	RHSA-2025:9071
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9071

reference_url	https://access.redhat.com/errata/RHSA-2025:9072
reference_id	RHSA-2025:9072
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9072

reference_url	https://access.redhat.com/errata/RHSA-2025:9073
reference_id	RHSA-2025:9073
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9073

reference_url	https://access.redhat.com/errata/RHSA-2025:9074
reference_id	RHSA-2025:9074
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9074

reference_url	https://access.redhat.com/errata/RHSA-2025:9075
reference_id	RHSA-2025:9075
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9075

reference_url	https://access.redhat.com/errata/RHSA-2025:9076
reference_id	RHSA-2025:9076
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9076

reference_url	https://access.redhat.com/errata/RHSA-2025:9077
reference_id	RHSA-2025:9077
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9077

reference_url	https://access.redhat.com/errata/RHSA-2025:9155
reference_id	RHSA-2025:9155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9155

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1950001

reference_id

show_bug.cgi?id=1950001

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:59Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1950001

reference_url	https://usn.ubuntu.com/7663-1/
reference_id	USN-7663-1
reference_type
scores
url	https://usn.ubuntu.com/7663-1/

fixed_packages

url	pkg:deb/debian/firefox@139.0-1?distro=sid
purl	pkg:deb/debian/firefox@139.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@139.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2025-5264

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a8vw-n16x-duee

url VCID-cz9e-m77e-bbdx

vulnerability_id VCID-cz9e-m77e-bbdx

summary Memory safety bugs present in Firefox 138 and Thunderbird 138. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5272.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5272.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-5272

reference_id

reference_type

scores

value	0.00367
scoring_system	epss
scoring_elements	0.58615
published_at	2026-04-24T12:55:00Z

value	0.00367
scoring_system	epss
scoring_elements	0.58596
published_at	2026-04-07T12:55:00Z

value	0.00367
scoring_system	epss
scoring_elements	0.58648
published_at	2026-04-08T12:55:00Z

value	0.00367
scoring_system	epss
scoring_elements	0.58654
published_at	2026-04-09T12:55:00Z

value	0.00367
scoring_system	epss
scoring_elements	0.58672
published_at	2026-04-11T12:55:00Z

value	0.00367
scoring_system	epss
scoring_elements	0.58653
published_at	2026-04-12T12:55:00Z

value	0.00367
scoring_system	epss
scoring_elements	0.58633
published_at	2026-04-13T12:55:00Z

value	0.00367
scoring_system	epss
scoring_elements	0.58666
published_at	2026-04-16T12:55:00Z

value	0.00367
scoring_system	epss
scoring_elements	0.58671
published_at	2026-04-18T12:55:00Z

value	0.00367
scoring_system	epss
scoring_elements	0.58647
published_at	2026-04-21T12:55:00Z

value	0.00367
scoring_system	epss
scoring_elements	0.58606
published_at	2026-04-02T12:55:00Z

value	0.00367
scoring_system	epss
scoring_elements	0.58627
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-5272

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2368754
reference_id	2368754
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2368754

reference_url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1726254%2C1742738%2C1960121

reference_id

buglist.cgi?bug_id=1726254%2C1742738%2C1960121

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:05:49Z/

url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1726254%2C1742738%2C1960121

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-42

reference_id

mfsa2025-42

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-42

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-42/

reference_id

mfsa2025-42

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:05:49Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-42/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-45

reference_id

mfsa2025-45

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-45

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-45/

reference_id

mfsa2025-45

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:05:49Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-45/

reference_url	https://usn.ubuntu.com/7991-1/
reference_id	USN-7991-1
reference_type
scores
url	https://usn.ubuntu.com/7991-1/

fixed_packages

url	pkg:deb/debian/firefox@139.0-1?distro=sid
purl	pkg:deb/debian/firefox@139.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@139.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2025-5272

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cz9e-m77e-bbdx

url VCID-d2fm-vmeb-xuh9

vulnerability_id VCID-d2fm-vmeb-xuh9

summary Previewing a response in Devtools ignored CSP headers, which could have allowed content injection attacks.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5271.json

reference_id

reference_type

scores

value	3.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5271.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-5271

reference_id

reference_type

scores

value	0.00282
scoring_system	epss
scoring_elements	0.51549
published_at	2026-04-24T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51504
published_at	2026-04-07T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51558
published_at	2026-04-08T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51555
published_at	2026-04-09T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51599
published_at	2026-04-11T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51578
published_at	2026-04-12T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51567
published_at	2026-04-13T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51608
published_at	2026-04-16T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51616
published_at	2026-04-18T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51595
published_at	2026-04-21T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51517
published_at	2026-04-02T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51544
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-5271

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2368753
reference_id	2368753
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2368753

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-42

reference_id

mfsa2025-42

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-42

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-42/

reference_id

mfsa2025-42

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T17:36:12Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-42/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-45

reference_id

mfsa2025-45

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-45

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-45/

reference_id

mfsa2025-45

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T17:36:12Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-45/

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1920348

reference_id

show_bug.cgi?id=1920348

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T17:36:12Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1920348

reference_url	https://usn.ubuntu.com/7991-1/
reference_id	USN-7991-1
reference_type
scores
url	https://usn.ubuntu.com/7991-1/

fixed_packages

url	pkg:deb/debian/firefox@139.0-1?distro=sid
purl	pkg:deb/debian/firefox@139.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@139.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2025-5271

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d2fm-vmeb-xuh9

url VCID-dcjm-7xcr-ayew

vulnerability_id VCID-dcjm-7xcr-ayew

summary Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5268.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5268.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-5268

reference_id

reference_type

scores

value	0.00436
scoring_system	epss
scoring_elements	0.63038
published_at	2026-04-24T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.63019
published_at	2026-04-21T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.6304
published_at	2026-04-18T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.62983
published_at	2026-04-04T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.63015
published_at	2026-04-09T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.62998
published_at	2026-04-08T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.62947
published_at	2026-04-07T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.62954
published_at	2026-04-02T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.63033
published_at	2026-04-16T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.62996
published_at	2026-04-13T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.63018
published_at	2026-04-12T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.63032
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-5268

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5268
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5268

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2368752
reference_id	2368752
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2368752

reference_url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1950136%2C1958121%2C1960499%2C1962634

reference_id

buglist.cgi?bug_id=1950136%2C1958121%2C1960499%2C1962634

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:56Z/

url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1950136%2C1958121%2C1960499%2C1962634

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-42

reference_id

mfsa2025-42

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-42

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-42/

reference_id

mfsa2025-42

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:56Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-42/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-44

reference_id

mfsa2025-44

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-44

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-44/

reference_id

mfsa2025-44

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:56Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-44/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-45

reference_id

mfsa2025-45

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-45

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-45/

reference_id

mfsa2025-45

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:56Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-45/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-46

reference_id

mfsa2025-46

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-46

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-46/

reference_id

mfsa2025-46

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:56Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-46/

reference_url	https://access.redhat.com/errata/RHSA-2025:8293
reference_id	RHSA-2025:8293
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8293

reference_url	https://access.redhat.com/errata/RHSA-2025:8308
reference_id	RHSA-2025:8308
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8308

reference_url	https://access.redhat.com/errata/RHSA-2025:8341
reference_id	RHSA-2025:8341
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8341

reference_url	https://access.redhat.com/errata/RHSA-2025:8598
reference_id	RHSA-2025:8598
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8598

reference_url	https://access.redhat.com/errata/RHSA-2025:8599
reference_id	RHSA-2025:8599
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8599

reference_url	https://access.redhat.com/errata/RHSA-2025:8607
reference_id	RHSA-2025:8607
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8607

reference_url	https://access.redhat.com/errata/RHSA-2025:8608
reference_id	RHSA-2025:8608
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8608

reference_url	https://access.redhat.com/errata/RHSA-2025:8628
reference_id	RHSA-2025:8628
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8628

reference_url	https://access.redhat.com/errata/RHSA-2025:8629
reference_id	RHSA-2025:8629
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8629

reference_url	https://access.redhat.com/errata/RHSA-2025:8630
reference_id	RHSA-2025:8630
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8630

reference_url	https://access.redhat.com/errata/RHSA-2025:8631
reference_id	RHSA-2025:8631
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8631

reference_url	https://access.redhat.com/errata/RHSA-2025:8642
reference_id	RHSA-2025:8642
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8642

reference_url	https://access.redhat.com/errata/RHSA-2025:8756
reference_id	RHSA-2025:8756
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8756

reference_url	https://access.redhat.com/errata/RHSA-2025:9071
reference_id	RHSA-2025:9071
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9071

reference_url	https://access.redhat.com/errata/RHSA-2025:9072
reference_id	RHSA-2025:9072
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9072

reference_url	https://access.redhat.com/errata/RHSA-2025:9073
reference_id	RHSA-2025:9073
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9073

reference_url	https://access.redhat.com/errata/RHSA-2025:9074
reference_id	RHSA-2025:9074
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9074

reference_url	https://access.redhat.com/errata/RHSA-2025:9075
reference_id	RHSA-2025:9075
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9075

reference_url	https://access.redhat.com/errata/RHSA-2025:9076
reference_id	RHSA-2025:9076
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9076

reference_url	https://access.redhat.com/errata/RHSA-2025:9077
reference_id	RHSA-2025:9077
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9077

reference_url	https://access.redhat.com/errata/RHSA-2025:9155
reference_id	RHSA-2025:9155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9155

reference_url	https://usn.ubuntu.com/7663-1/
reference_id	USN-7663-1
reference_type
scores
url	https://usn.ubuntu.com/7663-1/

fixed_packages

url	pkg:deb/debian/firefox@139.0-1?distro=sid
purl	pkg:deb/debian/firefox@139.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@139.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2025-5268

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dcjm-7xcr-ayew

url VCID-n2hq-1ck4-ayhp

vulnerability_id VCID-n2hq-1ck4-ayhp

summary Error handling for script execution was incorrectly isolated from web content, which could have allowed cross-origin leak attacks.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5263.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5263.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-5263

reference_id

reference_type

scores

value	0.00183
scoring_system	epss
scoring_elements	0.39797
published_at	2026-04-24T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.39968
published_at	2026-04-21T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.40046
published_at	2026-04-18T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.40075
published_at	2026-04-16T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.40082
published_at	2026-04-04T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.4007
published_at	2026-04-09T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.40056
published_at	2026-04-08T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.40003
published_at	2026-04-07T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.40055
published_at	2026-04-02T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.40025
published_at	2026-04-13T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.40044
published_at	2026-04-12T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.40081
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-5263

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5263
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5263

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2368756
reference_id	2368756
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2368756

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-42

reference_id

mfsa2025-42

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-42

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-42/

reference_id

mfsa2025-42

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:20:12Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-42/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-43

reference_id

mfsa2025-43

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-43

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-43/

reference_id

mfsa2025-43

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:20:12Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-43/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-44

reference_id

mfsa2025-44

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-44

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-44/

reference_id

mfsa2025-44

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:20:12Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-44/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-45

reference_id

mfsa2025-45

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-45

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-45/

reference_id

mfsa2025-45

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:20:12Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-45/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-46

reference_id

mfsa2025-46

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-46

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-46/

reference_id

mfsa2025-46

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:20:12Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-46/

reference_url	https://access.redhat.com/errata/RHSA-2025:8293
reference_id	RHSA-2025:8293
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8293

reference_url	https://access.redhat.com/errata/RHSA-2025:8308
reference_id	RHSA-2025:8308
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8308

reference_url	https://access.redhat.com/errata/RHSA-2025:8341
reference_id	RHSA-2025:8341
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8341

reference_url	https://access.redhat.com/errata/RHSA-2025:8598
reference_id	RHSA-2025:8598
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8598

reference_url	https://access.redhat.com/errata/RHSA-2025:8599
reference_id	RHSA-2025:8599
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8599

reference_url	https://access.redhat.com/errata/RHSA-2025:8607
reference_id	RHSA-2025:8607
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8607

reference_url	https://access.redhat.com/errata/RHSA-2025:8608
reference_id	RHSA-2025:8608
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8608

reference_url	https://access.redhat.com/errata/RHSA-2025:8628
reference_id	RHSA-2025:8628
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8628

reference_url	https://access.redhat.com/errata/RHSA-2025:8629
reference_id	RHSA-2025:8629
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8629

reference_url	https://access.redhat.com/errata/RHSA-2025:8630
reference_id	RHSA-2025:8630
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8630

reference_url	https://access.redhat.com/errata/RHSA-2025:8631
reference_id	RHSA-2025:8631
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8631

reference_url	https://access.redhat.com/errata/RHSA-2025:8642
reference_id	RHSA-2025:8642
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8642

reference_url	https://access.redhat.com/errata/RHSA-2025:8756
reference_id	RHSA-2025:8756
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8756

reference_url	https://access.redhat.com/errata/RHSA-2025:9071
reference_id	RHSA-2025:9071
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9071

reference_url	https://access.redhat.com/errata/RHSA-2025:9072
reference_id	RHSA-2025:9072
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9072

reference_url	https://access.redhat.com/errata/RHSA-2025:9073
reference_id	RHSA-2025:9073
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9073

reference_url	https://access.redhat.com/errata/RHSA-2025:9074
reference_id	RHSA-2025:9074
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9074

reference_url	https://access.redhat.com/errata/RHSA-2025:9075
reference_id	RHSA-2025:9075
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9075

reference_url	https://access.redhat.com/errata/RHSA-2025:9076
reference_id	RHSA-2025:9076
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9076

reference_url	https://access.redhat.com/errata/RHSA-2025:9077
reference_id	RHSA-2025:9077
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9077

reference_url	https://access.redhat.com/errata/RHSA-2025:9155
reference_id	RHSA-2025:9155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9155

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1960745

reference_id

show_bug.cgi?id=1960745

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:20:12Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1960745

reference_url	https://usn.ubuntu.com/7663-1/
reference_id	USN-7663-1
reference_type
scores
url	https://usn.ubuntu.com/7663-1/

fixed_packages

url	pkg:deb/debian/firefox@139.0-1?distro=sid
purl	pkg:deb/debian/firefox@139.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@139.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2025-5263

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n2hq-1ck4-ayhp

url VCID-rkj9-dd18-xka9

vulnerability_id VCID-rkj9-dd18-xka9

summary A clickjacking vulnerability could have been used to trick a user into leaking saved payment card details to a malicious page.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5267.json

reference_id

reference_type

scores

value	3.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5267.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-5267

reference_id

reference_type

scores

value	0.00352
scoring_system	epss
scoring_elements	0.57587
published_at	2026-04-24T12:55:00Z

value	0.00352
scoring_system	epss
scoring_elements	0.57629
published_at	2026-04-21T12:55:00Z

value	0.00352
scoring_system	epss
scoring_elements	0.57655
published_at	2026-04-16T12:55:00Z

value	0.00352
scoring_system	epss
scoring_elements	0.57619
published_at	2026-04-04T12:55:00Z

value	0.00352
scoring_system	epss
scoring_elements	0.57651
published_at	2026-04-18T12:55:00Z

value	0.00352
scoring_system	epss
scoring_elements	0.57647
published_at	2026-04-08T12:55:00Z

value	0.00352
scoring_system	epss
scoring_elements	0.57593
published_at	2026-04-07T12:55:00Z

value	0.00352
scoring_system	epss
scoring_elements	0.57598
published_at	2026-04-02T12:55:00Z

value	0.00352
scoring_system	epss
scoring_elements	0.57625
published_at	2026-04-13T12:55:00Z

value	0.00352
scoring_system	epss
scoring_elements	0.57645
published_at	2026-04-12T12:55:00Z

value	0.00352
scoring_system	epss
scoring_elements	0.57666
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-5267

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5267
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5267

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2368750
reference_id	2368750
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2368750

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-42

reference_id

mfsa2025-42

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-42

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-42/

reference_id

mfsa2025-42

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T17:44:29Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-42/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-44

reference_id

mfsa2025-44

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-44

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-44/

reference_id

mfsa2025-44

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T17:44:29Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-44/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-45

reference_id

mfsa2025-45

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-45

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-45/

reference_id

mfsa2025-45

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T17:44:29Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-45/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-46

reference_id

mfsa2025-46

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-46

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-46/

reference_id

mfsa2025-46

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T17:44:29Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-46/

reference_url	https://access.redhat.com/errata/RHSA-2025:8293
reference_id	RHSA-2025:8293
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8293

reference_url	https://access.redhat.com/errata/RHSA-2025:8308
reference_id	RHSA-2025:8308
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8308

reference_url	https://access.redhat.com/errata/RHSA-2025:8341
reference_id	RHSA-2025:8341
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8341

reference_url	https://access.redhat.com/errata/RHSA-2025:8598
reference_id	RHSA-2025:8598
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8598

reference_url	https://access.redhat.com/errata/RHSA-2025:8599
reference_id	RHSA-2025:8599
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8599

reference_url	https://access.redhat.com/errata/RHSA-2025:8607
reference_id	RHSA-2025:8607
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8607

reference_url	https://access.redhat.com/errata/RHSA-2025:8608
reference_id	RHSA-2025:8608
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8608

reference_url	https://access.redhat.com/errata/RHSA-2025:8628
reference_id	RHSA-2025:8628
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8628

reference_url	https://access.redhat.com/errata/RHSA-2025:8629
reference_id	RHSA-2025:8629
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8629

reference_url	https://access.redhat.com/errata/RHSA-2025:8630
reference_id	RHSA-2025:8630
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8630

reference_url	https://access.redhat.com/errata/RHSA-2025:8631
reference_id	RHSA-2025:8631
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8631

reference_url	https://access.redhat.com/errata/RHSA-2025:8642
reference_id	RHSA-2025:8642
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8642

reference_url	https://access.redhat.com/errata/RHSA-2025:8756
reference_id	RHSA-2025:8756
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8756

reference_url	https://access.redhat.com/errata/RHSA-2025:9071
reference_id	RHSA-2025:9071
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9071

reference_url	https://access.redhat.com/errata/RHSA-2025:9072
reference_id	RHSA-2025:9072
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9072

reference_url	https://access.redhat.com/errata/RHSA-2025:9073
reference_id	RHSA-2025:9073
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9073

reference_url	https://access.redhat.com/errata/RHSA-2025:9074
reference_id	RHSA-2025:9074
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9074

reference_url	https://access.redhat.com/errata/RHSA-2025:9075
reference_id	RHSA-2025:9075
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9075

reference_url	https://access.redhat.com/errata/RHSA-2025:9076
reference_id	RHSA-2025:9076
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9076

reference_url	https://access.redhat.com/errata/RHSA-2025:9077
reference_id	RHSA-2025:9077
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9077

reference_url	https://access.redhat.com/errata/RHSA-2025:9155
reference_id	RHSA-2025:9155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9155

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1954137

reference_id

show_bug.cgi?id=1954137

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T17:44:29Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1954137

reference_url	https://usn.ubuntu.com/7663-1/
reference_id	USN-7663-1
reference_type
scores
url	https://usn.ubuntu.com/7663-1/

fixed_packages

url	pkg:deb/debian/firefox@139.0-1?distro=sid
purl	pkg:deb/debian/firefox@139.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@139.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2025-5267

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rkj9-dd18-xka9

url VCID-xwva-p4mz-tyh4

vulnerability_id VCID-xwva-p4mz-tyh4

summary In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5270.json

reference_id

reference_type

scores

value	3.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5270.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-5270

reference_id

reference_type

scores

value	0.00168
scoring_system	epss
scoring_elements	0.37754
published_at	2026-04-24T12:55:00Z

value	0.00168
scoring_system	epss
scoring_elements	0.38046
published_at	2026-04-09T12:55:00Z

value	0.00168
scoring_system	epss
scoring_elements	0.37985
published_at	2026-04-07T12:55:00Z

value	0.00168
scoring_system	epss
scoring_elements	0.38036
published_at	2026-04-08T12:55:00Z

value	0.00168
scoring_system	epss
scoring_elements	0.38064
published_at	2026-04-11T12:55:00Z

value	0.00168
scoring_system	epss
scoring_elements	0.38079
published_at	2026-04-02T12:55:00Z

value	0.00168
scoring_system	epss
scoring_elements	0.37967
published_at	2026-04-21T12:55:00Z

value	0.00168
scoring_system	epss
scoring_elements	0.38048
published_at	2026-04-16T12:55:00Z

value	0.00168
scoring_system	epss
scoring_elements	0.38003
published_at	2026-04-13T12:55:00Z

value	0.00168
scoring_system	epss
scoring_elements	0.38027
published_at	2026-04-18T12:55:00Z

value	0.00168
scoring_system	epss
scoring_elements	0.38103
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-5270

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2368758
reference_id	2368758
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2368758

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-42

reference_id

mfsa2025-42

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-42

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-42/

reference_id

mfsa2025-42

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-23T14:33:45Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-42/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-45

reference_id

mfsa2025-45

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-45

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-45/

reference_id

mfsa2025-45

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-23T14:33:45Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-45/

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1910298

reference_id

show_bug.cgi?id=1910298

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-23T14:33:45Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1910298

reference_url	https://usn.ubuntu.com/7991-1/
reference_id	USN-7991-1
reference_type
scores
url	https://usn.ubuntu.com/7991-1/

fixed_packages

url	pkg:deb/debian/firefox@139.0-1?distro=sid
purl	pkg:deb/debian/firefox@139.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@139.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

aliases CVE-2025-5270

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xwva-p4mz-tyh4

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@139.0-1%3Fdistro=sid

Package Instance